XHTTP
Xray is a networking utility for building encrypted tunnels between a proxy client and a proxy server. The Xray XHTTP transport splits the upload channel and the download channel. In this example, the upload arrives at port 443, and the download uses port 8443.
1. Install and configure Xray server
1.1. Open firewall
Open your server's firewall and/or security groups for input on tcp/443 and tcp/8443.
1.2. Install Xray
SSH into your server as root.
Install Xray:
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
1.3. Generate UUID
Generate a universally unique id:
xray uuid
Example:
151940d1-50a9-49dd-94cc-0884bbb59127
1.4. Generate two X25519 key pairs
Generate a first public-private key pair for upload:
xray x25519
Example:
Private key: iJ094QDXKk0bDmZUPTxxZNytl256u1cqn7bQ1MsciDo
Public key: 8zSuQb5wxHUOYj_pLZ5DBBeFFEoczCOPVW6WFJSAB2k
Generate a second public-private key pair for download:
xray x25519
Example:
Private key: 2NZPdafvN3akvX6pqNfZbDVd6PYZHlcyqRsd38Dd4Cw
Public key: 9Mrn_IDBy4s2j6H_MRMwL_Ih7f4ZONSksfymJ0-etTY
1.5. Generate path
Generate a secret path:
< /dev/urandom tr -dc a-z0-9 | head -c${1:-8};echo;
Example:
pujw2bcn
1.6. Configure server
Edit the server configuration file:
vi /usr/local/etc/xray/config.json
Example:
{
"log": {
"loglevel": "warning"
},
"inbounds": [
{
"listen": "@xhttp",
"protocol": "vless",
"settings": {
"decryption": "none",
"clients": [
{
"id": "151940d1-50a9-49dd-94cc-0884bbb59127"
}
]
},
"streamSettings": {
"network": "xhttp",
"xhttpSettings": {
"path": "/pujw2bcn"
}
}
},
{
"listen": "0.0.0.0",
"port": 443,
"protocol": "vless",
"settings": {
"decryption": "none",
"fallbacks": [
{
"dest": "@xhttp"
}
]
},
"streamSettings": {
"network": "tcp",
"security": "reality",
"realitySettings": {
"xver": 0,
"target": "www.apple.com:443",
"serverNames": [
"www.apple.com"
],
"privateKey": "iJ094QDXKk0bDmZUPTxxZNytl256u1cqn7bQ1MsciDo",
"shortIds": [
""
]
}
}
},
{
"listen": "0.0.0.0",
"port": 8443,
"protocol": "vless",
"settings": {
"decryption": "none",
"fallbacks": [
{
"dest": "@xhttp"
}
]
},
"streamSettings": {
"network": "tcp",
"security": "reality",
"realitySettings": {
"xver": 0,
"target": "www.bing.com:443",
"serverNames": [
"www.bing.com"
],
"privateKey": "2NZPdafvN3akvX6pqNfZbDVd6PYZHlcyqRsd38Dd4Cw",
"shortIds": [
""
]
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"tag": "direct"
},
{
"protocol": "blackhole",
"tag": "block"
}
]
}
Replace the sample values in the above with your own generated values.
Save the file.
1.7. Start service
Restart the Xray systemd service:
systemctl restart xray
Exit your SSH session with the server.
2. Install and configure Xray client
2.1. Install client
Download the client executable from https://github.com/XTLS/Xray-core/releases.
Example:
Xray-windows-64.zip
2.2. Configure client
Create a client configuration file config.json in the same folder as the Xray client executable.
Example:
{
"log": {
"loglevel": "warning"
},
"routing": {
"rules": [
{
"ip": [
"geoip:private"
],
"outboundTag": "direct"
}
]
},
"inbounds": [
{
"listen": "127.0.0.1",
"port": 10808,
"protocol": "socks"
},
{
"listen": "127.0.0.1",
"port": 10809,
"protocol": "http"
}
],
"outbounds": [
{
"protocol": "vless",
"settings": {
"vnext": [
{
"address": "XRAY.SERVER.IP.ADDRESS",
"port": 443,
"users": [
{
"id": "151940d1-50a9-49dd-94cc-0884bbb59127",
"encryption": "none"
}
]
}
]
},
"streamSettings": {
"network": "xhttp",
"xhttpSettings": {
"path": "/pujw2bcn",
"downloadSettings": {
"address": "XRAY.SERVER.IP.ADDRESS",
"port": 8443,
"network": "xhttp",
"xhttpSettings": {
"path": "/pujw2bcn"
},
"security": "reality",
"realitySettings": {
"fingerprint": "chrome",
"serverName": "www.bing.com",
"publicKey": "9Mrn_IDBy4s2j6H_MRMwL_Ih7f4ZONSksfymJ0-etTY"
}
}
},
"security": "reality",
"realitySettings": {
"fingerprint": "chrome",
"serverName": "www.apple.com",
"publicKey": "8zSuQb5wxHUOYj_pLZ5DBBeFFEoczCOPVW6WFJSAB2k"
}
}
},
{
"protocol": "freedom",
"tag": "direct"
}
]
}
Replace XRAY.SERVER.IP.ADDRESS in the above (there are two occurrences) with your Xray server's IP address.
Save the file.
2.3. Run client
Run the client in a command prompt window.
Example:
xray.exe -c config.json
Leave the command prompt window open, with xray running in it.
2.4. Install and configure Firefox
Download Firefox browser from https://www.mozilla.org.
Edit Settings > General > Network Settings > Settings.
Set Manual proxy configuration, SOCKS Host 127.0.0.1, Port 10808, SOCKS v5, Proxy DNS when using SOCKS v5.
Browse the web.