Achieving Network Freedom: Setting Up Your Own Proxy Server on a VPS

---

Background

Network freedom is essential for everyone, especially for programmers and researchers. However, due to well-known reasons, there are barriers in mainland China that restrict access to certain websites (e.g., Google, Facebook, Twitter, YouTube, etc.). Initially, this post was intended as a personal note about how to bypass these network barriers. However, many of my friends kept asking me how to achieve network freedom in China. Therefore, I revised this post to make it clearer and easier to understand. I hope this guide helps you perform better in your learning and development.

As individuals, we must develop the ability to discern which information on the Internet can be trusted. Here, I claim that this post is strictly for learning and research purposes.

If you plan to buy a VPN (proxy), you may not need to read this post. Most VPN vendors provide shared proxy servers with bandwidth limitations, which can result in slow speeds. Moreover, you might have concerns about data monitoring by these vendors. By creating your own proxy server, you can enjoy exclusive bandwidth and greater control over your data. If this appeals to you, read on to learn how to set it up. If anything is unclear, feel free to leave a comment.

A Virtual Private Server (VPS) is a virtual machine hosted on the cloud and used by individuals. Companies like Google, Amazon, AWS, Alibaba, and Tencent provide servers to customers, which can be used for website hosting, computation, proxy setup, etc.

This post explains how to set up a Google VPS and configure a network proxy server on it. For instructions on setting up a website on a VPS, refer to my post—Create Your Website on Cloud.

---

Requirements

1. Temporary VPN Access:
   To visit Google and set up your server, you need temporary VPN access. After your server is configured, you can switch to your own service and no longer need the temporary VPN.

   How to get temporary VPN access?
   You can find a VPN vendor and start a free trial. Lol.

2. Basic Computer Knowledge:
   Familiarity with computer systems (especially Linux) is necessary. Otherwise, it may be challenging to understand some terms and implement these steps. If you lack experience, consider following step-by-step video tutorials on platforms like YouTube by searching for SSR and V2Ray.

---

1. Set Up Cloud Virtual Private Server (VPS)

You can use any server capable of accessing the open Internet. Most servers outside of China work well, and you can purchase a mini-server from a cloud provider like Google, AWS, or BandwagonHost. Mini-servers are typically affordable, and payment can be made using a dual-currency credit card. This section demonstrates how to set up a server on Google Cloud.

1. Purchase a VM:
   Visit Google Cloud (currently offering a one-year free trial) or any other vendor. Choose Debian Linux as the operating system and select a location close to China for better access speed (e.g., asia-east, asia-northeast, Hong Kong, Seoul).

2. SSH Connection:
   Connect to your VPS using SSH. You can use a browser-based SSH client or set up an SSH key in your terminal.

3. Address Slow SSH Connections:
   If SSH is slow, it may be due to issues with port 22. Modify the configuration to add additional ports:

   cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
   sudo vim /etc/ssh/sshd_config
   

   Remove the # before Port 22 and add a new port, e.g., Port xxxxx.
   Note: Do not delete Port 22. If the new port becomes inaccessible, you will still have access via port 22.
   Restart the SSH service:

   systemctl restart sshd  # or
   /etc/init.d/sshd restart
   

   To connect using the new port:

   ssh -p xxxxx user@ip
   scp -P xxxxx username@server:(remote location) (local location)
   

4. Verify Open Ports:
   Use the following command to check open ports:

   sudo netstat -tulpn | grep LISTEN
   

---

2. Set Up Proxy Server

There are two popular methods to bypass network restrictions: SSR (ShadowsocksR) and V2Ray.

2.1 Set Up BBR and SSR

1. Install BBR and SSR using scripts:

   sudo -i
   wget --no-check-certificate https://github.com/iyuco/scripts/raw/master/bbr.sh
   chmod +x bbr.sh
   ./bbr.sh
   
   wget --no-check-certificate https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocksR.sh
   ./shadowsocksR.sh
   

2. For multi-user accounts, use this script:

   wget -N --no-check-certificate https://raw.githubusercontent.com/ToyoDAdoubi/doubi/master/ssrmu.sh
   chmod +x ssrmu.sh
   bash ssrmu.sh
   

Note: Ensure your cloud server’s firewall allows the SSR port for both HTTP and HTTPS traffic.

---

2.2 Set Up V2Ray

V2Ray is a more robust platform with features like multi-hop configurations and network penetration. It supports the VMess protocol and is generally more stable than SSR.

1. Install V2Ray:

   bash <(curl -L https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh)
   

2. Synchronize the server’s time:

   sudo apt-get install ntp ntpdate -y
   sudo ntpdate -u ntp.api.bz
   sudo hwclock -w  # Write time to hardware
   

3. Update the config.json file in /etc/v2ray/.

4. Start V2Ray:

   sudo systemctl start v2ray
   

5. Configure WebSocket+TLS+Nginx:
   If you already have a website hosted on your server, refer to the V2Ray WebSocket+TLS+Nginx Guide.

---

3. Set Up Linux PC Client

---

3.1 Set Up SSR

1. Download and install the SSR client:

   wget http://www.djangoz.com/ssr
   sudo mv ssr /usr/local/bin
   sudo chmod 766 /usr/local/bin/ssr
   ssr install
   ssr config  # This installs SSR to /usr/local/share/shadowsocksr
   

---

3.2 Set Up V2Ray Client

The steps are similar to setting up the server:

1. Synchronize Time:
   Use the same time synchronization steps as on the server.

2. Download Install Script:

   wget https://install.direct/go.sh
   

3. Run Installation:

   sudo go.sh
   

4. Configure config.json:
   Replace the default configuration file in /etc/v2ray/ with your own config.json.

5. Start V2Ray:

   sudo systemctl start v2ray
   

6. Check Service Status:

   service v2ray status
   

---

4. Using SOCKS on Terminal with Privoxy

---

Privoxy is a tool that listens on a specific port and forwards its traffic to user-defined SOCKS proxies.

Privoxy Setup

1. Install Privoxy:

   sudo apt-get install privoxy
   

2. Configure Privoxy by editing /etc/privoxy/config. Example configuration:

   listen-address 127.0.0.1:8118  # Line 783
   forward-socks5 / 127.0.0.1:1080 .  # Line 1336
   

3. Restart Privoxy:

   sudo /etc/init.d/privoxy restart
   

---

Configure Bash

1. Add proxy settings to .bashrc:

   export http_proxy="http://127.0.0.1:8118"
   export https_proxy="http://127.0.0.1:8118"
   

   Alternatively, set up functions to toggle proxy settings manually:

   # Set Proxy
   function setproxy() {
       export {http,https,ftp}_proxy="http://127.0.0.1:8118"
       export {HTTP,HTTPS,FTP}_PROXY="http://127.0.0.1:8118"
   }
   
   # Unset Proxy
   function unsetproxy() {
       unset {http,https,ftp}_proxy
       unset {HTTP,HTTPS,FTP}_PROXY
   }
   

2. Test the proxy:

   curl http://www.google.com
   

   Note: The ping command cannot be used to test proxy settings, as it uses the ICMP protocol. Use httping to test latency:

   httping -E http://www.google.com
   httping -x 127.0.0.1:8118 http://www.google.com
   

---

Snap Store with Proxy

1. Apply proxy settings system-wide by editing /etc/environment:

   http_proxy=http://127.0.0.1:8118
   https_proxy=http://127.0.0.1:8118
   HTTP_PROXY=http://127.0.0.1:8118
   HTTPS_PROXY=http://127.0.0.1:8118
   

2. For snap version 2.28 or higher, set the proxy:

   sudo snap set system proxy.http="http://127.0.0.1:8118"
   sudo snap set system proxy.https="http://127.0.0.1:8118"
   

3. Alternatively, edit the snapd.service file:

   sudo systemctl edit snapd.service
   

   Add the following lines:

   [Service]
   Environment=http_proxy=http://127.0.0.1:8118
   Environment=https_proxy=http://127.0.0.1:8118
   

4. Reload and restart the service:

   sudo systemctl daemon-reload
   sudo systemctl restart snapd.service
   

---

Apt Use Proxy

1. Configure APT to use the proxy:

   sudo vim /etc/apt/apt.conf.d/05proxy
   

2. Add the following lines:

   Acquire {
       HTTP::proxy "http://127.0.0.1:8118";
       HTTPS::proxy "http://127.0.0.1:8118";
   }
   

---

Set Up Git Proxy

1. Configure Git to use the proxy:

   git config --global http.proxy 'socks5://127.0.0.1:1080'
   git config --global https.proxy 'socks5://127.0.0.1:1080'
   

---

Chrome Management

For Chrome, use the Proxy SwitchyOmega extension to manage proxy settings easily.

---

5. Set Up Other Clients

---

5.1 SSR Clients

1. iOS: Use Wingy.
2. Windows: Use ShadowsocksR-win.
3. Mac: Use ShadowsocksX.
4. Android: Use ShadowsocksR-Android.

---

5.2 V2Ray Clients

Visit the V2Ray GitHub repository to download V2Ray clients for different platforms.

---

Special Statement: This tutorial is solely for learning and research purposes. Thank you for reading!