Shadowsocks documentation

what is shadowsocks?

Shadowsocks is a secure proxy based on SOCKS5. 

client <—> ss-local <–[encrypted]–> ss-remote <—> target

Shadowsocks makes an internet connection through a third-party server which makes it seem as if you are coming from another location.

If you are trying to access a blocked website through your current internet service provider (ISP), your access will be denied based on your location.

Using Shadowsocks, you can reroute your server to a server from an unblocked location to access the blocked website.

How does shadowsocks work?

The Shadowsocks instance acts as a proxy service to clients (ss-local.) It uses a process of encrypting and forwarding data/packets from the client to the remote server (ss-remote), which will decrypt the data and forward to the target.

A reply from the target will also be encrypted and sent by ss-remote back to the client (ss-local.)

Shadowsocks use cases

Shadowsocks can be used to access blocked websites based on geolocation.


Here are some of the use-cases:

  • Market research (Access foreign or competitor’s websites that may have blocked your location/IP address.)
  • Cybersecurity (Reconnaissance or OSINT investigation work)
  • Evade censorship restrictions (Have access to websites or other information that has been censored by your country.)
  • Access restricted services or media that is available in other countries (Be able to purchase services or stream media that is only available in other locations.)
  • Internet privacy (Using a proxy server will hide your true location and identity.)

Launch An Instance Of Shadowsocks On AWS

We created an instance of Shadowsocks on AWS to drastically cut the setup time.


Our instance allows for scalable deployment, so if you have hundreds or thousands of servers to configure, you can quickly get up and running.


Check out a list of the Shadowsocks features that are provided on the AWS instance below.


Go-ShadowSocks2 Features:

  • SOCKS5 proxy with UDP Associate
  • Support for Netfilter TCP redirect on Linux (IPv6 should work but not tested)
  • Support for Packet Filter TCP redirect on MacOS/Darwin (IPv4 only)
  • UDP tunneling (e.g. relay DNS packets)
  • TCP tunneling (e.g. benchmark with iperf3)
  • SIP003 plugins
  • Replay attack mitigation

To start using Shadowsocks, launch an instance on AWS here.


Once you launch the instance, you can follow our client setup guide here:


Shadowsocks Setup Guide: How To Install

Start your 5-day Free trial