Show HN: Silksong Map Online (silksongmap.co)

Since government just banned facebook, youtube, instagram, reddit, discord among many others, I need a VPN for me and my family. The budget is not fixed as of yet but I would prefer it remain under 10 bucks.

I just heard that vpn server can be misused and since they are shared among many users. And that cause your applications to get flagged and be unusable.

That has led me to wanting a private virtual server and hosting a vpn server over it.

What do you think? Is this recommended?

Comments (5)

Centrino · 4h ago

It works. Just make sure you install and configure wireguard correctly on the VPS and on the client computers. Make sure IP forwarding is enabled on the VPS. That should suffice to have your personal VPN running.

Some censorship-heavy countries are blocking Wireguard though. And if VPN use is prohibited by law in your country, your use of Wireguard can be detected if they want to.

shivajikobardan · 3h ago

What else would you recommend? I would love to hear your thoughts. This media ban is terrible. It is throttling down the entire internet.

3np · 3h ago

You can start with the wireguard only and see how that works.

You can "dry run" by setting up a local staging server on your LAN (using some nonblocked sites to test) first and then replicate on the VPS.

Try to get comfortable with tcpdump and wireshark to troubleshoot and verify.

Recommended to use some configuration management (ansible or whatever you prefer) so you can easily jump to a new provider if need be in the future.

If things are working fine locally but not on the VPS, that's when filtering may be at play (also check your MTUs; this is where tcpdump is your friend). You can add obfuscation under wireguard (meaning wg will be running on top of another overlay network). Shadowsocks used to be recommended. These days the Chinese are at the front of the game. Search for shadowsocks successors and you will find.

Sometimes openvpn (tcp) works more reliably where wireguard (udp) doesn't.

Also take care of your DNS. Check for leaks.

Sometimes it's more straightforward and can be safer to set up a forwarding HTTP or TCP proxy on the VPS (and/or locally: these can be chained) and configuring that in your browser/apps rather than straight up routing all traffic over the tunnel.

Consider how much you trust the VPS provider and its infra provider(s). If you want to be more careful you can set up multi-hop, exiting either via another VPS on a separate provider or a commercial VPN provider. Using a commercial provider for your exit can help improve anonymity wrt to the sites you visit (since your IP won't be unique from their view).

Oh, and do try to get off facebook, youtube, instagram, reddit, discord. It's really time to migrate for several reasons. Try to find better online connection points for your friends and family, as well as connecting to the world, than US Big Tech (yes I see the irony in saying that here).

jere_id · 4h ago

Think about the risks: you’ll need to install, configure, update, and secure the server yourself. It will be a single point of failure, and the new VPS IP can still be blocked by some platforms (I see you Red*it). You must trust the VPS provider or choose a privacy‑friendly region, since the host can see metadata and some providers don’t allow tunneling. if you can afford to do this then yes sure.

shivajikobardan · 3h ago

Fck government has throttled (likely) all these vpn selling sites.