ShadowSocks - lightweight UDP, TCP SOCKS5 proxy with encryption can be hosted on the Linux server and client can be running Windows/Android/Mac etc. Lets start with server side installation:

NOTE: On Linux client i am not happy with the client software shadowsocks-qt5 (it looks to have memory leaks and is not maintained), i may tend to use something else like or v2ray/tutorial2. or brook?


Order approx. 128MB RAM (during my test, 81MB RAM was used while 62MB out of that was cached) Linux CentOS 6.x VPS from there:

Connect to the VPS using software called PuTTY using credentials from the e-mail you received after purchase.

In case of CentOS Linux, download appropriate .repo file into /etc/yum.repos.d/ . Example i have CentOS 6 (command: cat /etc/red*), so i used this command to download the repository:

wget -P /etc/yum.repos.d/

For CentOS 7, command was: wget -P /etc/yum.repos.d/

For any Linux, including CentOS, continue like this:

yum clean all 2>/dev/null && yum update 2>/dev/null || apt update 2>/dev/null

yum install shadowsocks-libev -y 2>/dev/null || apt install shadowsocks-libev -y 2>/dev/null;apt install shadowsocks 2>/dev/null

service should already be set to run at boot (on):

chkconfig --list 2>/dev/null|grep soc||systemctl list-unit-files 2>/dev/null|grep "sock"
shadowsocks-libev 0:off 1:off 2:on 3:on 4:on 5:on 6:off
If no output/not enabled, try: systemctl enable shadowsocks-libev;systemctl enable shadowsocks 2>/dev/null
or: chkconfig shadowsocks-libev on

edit server configuration file:

vi /etc/shadowsocks*/config.json

and make it to be:

start the proxy service:

service shadowsocks-libev restart

logfile might be: tail /var/log/messages
manual page: man shadowsocks-libev
quit manual page by typing: q

Might be good to increase open files limit, read here:


Download & run ShadowSocks client software from
For Android, search Google Play for shadow socks, setup is similar like for Windows. In Android, app was failing to autostart/connect at phone start, so i had to use MacroDroid app to setup autolaunch.

Example Shadowsocks 2.5.6:

Name:  Shadowsocks_newproxy.gif
Views: 1960
Size:  12.5 KB
the port is one you set in server config file (1082 maybe) and Encryption method is one you used in server config file.

then global enable proxy in the Internet Explorer (IE) settings:

Name:  Shadowsocks_enable_proxy_global.jpg
Views: 1586
Size:  69.9 KB
(PAC mode not worked for me)

After client software is configured and connection with proxy established, one can set system proxy to be: (or whatever port you used in server/client configuration), i also made sure to whitelist that port in Windows firewall configuration (UDP+TCP).

And it worked for me. Verified on IP site like
Then veriffy yourself on the leak test: . If there are DNS servers of your ISP or other open DNS, try to install pdnsd + ipset + dnsmasq to proxiffy DNS requests too.

---- Example ShadowSocks-libev configuration files ----

SERVER CONFIG: vi /etc/shadowsocks*/config.json


CLIENT CONFIG: C:\Users\Username\Desktop\Shadowsocks-win-2.5.6\gui-config.json

"configs" : [
"server" : "myserveriphere",
"server_port" : 8388,
"password" : "myproxypasswordhere",
"method" : "aes-256-cfb",
"remarks" : ""}

"strategy" : null,
"index" : 0,
"global" : false,
"enabled" : false,
"shareOverLan" : false,
"isDefault" : false,
"localPort" : 1082,
"pacUrl" : null,
"useOnlinePac" : false,
"availabilityStatistics" : false}


If server configuration file is modified, one need to restart ss service:
service shadowsocks-libev restart