ShadowSocks - lightweight UDP, TCP SOCKS5 proxy with encryption can be hosted on the Linux server and client can be running Windows/Android/Mac etc. Lets start with server side installation:


Order approx. 128MB RAM (during my test, 81MB RAM was used while 62MB out of that was cached) Linux CentOS 6.x VPS from there:
After cryptocurrency or perfectmoney etc payment VPS should be created in 2 minutes and SSH login details sent to your e-mail.

Connect to the VPS using software called PuTTY using credentials from the e-mail you received after purchase.

Download appropriate .repo file into /etc/yum.repos.d/ . Example i have CentOS 6 (command: cat /etc/red*), so i used this command to download the repository:

wget -P /etc/yum.repos.d/

For CentOS 7, command was: wget -P /etc/yum.repos.d/

yum clean all;yum update

yum install shadowsocks-libev

service should already be set to run at boot (on):

chkconfig --list|grep soc
shadowsocks-libev 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Enable @ boot on CentOS 7: systemctl enable shadowsocks-libev
On CentOS 6: chkconfig shadowsocks-libev on

edit server configuration file:

vi /etc/shadowsocks-libev/config.json

and make it to be:

start the proxy service:

service shadowsocks-libev start

logfile might be: tail /var/log/messages
manual page: man shadowsocks-libev
quit manual page by typing: q

Might be good to increase open files limit, read here:


Download & run ShadowSocks client software from
For Android, search Google Play for shadow socks, setup is similar like for Windows. In Android, app was failing to autostart/connect at phone start, so i had to use MacroDroid app to setup autolaunch.

Example Shadowsocks 2.5.6:

Name:  Shadowsocks_newproxy.gif
Views: 1598
Size:  12.5 KB
the port is one you set in server config file (1082 maybe)

then global enable proxy in the Internet Explorer (IE) settings:

Name:  Shadowsocks_enable_proxy_global.jpg
Views: 1242
Size:  69.9 KB
(PAC mode not worked for me)

After client software is configured and connection with proxy established, one can set system proxy to be: (or whatever port you used in server/client configuration), i also made sure to whitelist that port in Windows firewall configuration (UDP+TCP).

And it worked for me. Verified on IP site like
Then veriffy yourself on the leak test: . If there are DNS servers of your ISP or other open DNS, try to install pdnsd + ipset + dnsmasq to proxiffy DNS requests too.

---- Example ShadowSocks-libev configuration files ----

SERVER CONFIG: vi /etc/shadowsocks-libev/config.json


CLIENT CONFIG: C:\Users\Username\Desktop\Shadowsocks-win-2.5.6\gui-config.json

"configs" : [
"server" : "myserveriphere",
"server_port" : 8388,
"password" : "myproxypasswordhere",
"method" : "aes-256-cfb",
"remarks" : ""}

"strategy" : null,
"index" : 0,
"global" : false,
"enabled" : false,
"shareOverLan" : false,
"isDefault" : false,
"localPort" : 1082,
"pacUrl" : null,
"useOnlinePac" : false,
"availabilityStatistics" : false}


If server configuration file is modified, one need to restart socks service:
service shadowsocks-libev restart