How to set up a VPN by yourself

Self-Hosted Shadowsocks VPN

1. Create VPS

Use DigitalOcean, Vultr, or similar. Choose Ubuntu 24.04 LTS. Copy the server IP after creation.

2. SSH into Server

ssh root@YOUR_SERVER_IP

3. Install Shadowsocks

apt update
apt install -y shadowsocks-libev

Create config (replace YOUR_PASSWORD with your password). Port 2640 can be changed; if you change it, update the same port in step 5 (firewall) and step 6 (Clash):

cat > /etc/shadowsocks-libev/config.json << 'EOF'
{
    "server": "0.0.0.0",
    "server_port": 2640,
    "password": "YOUR_PASSWORD",
    "timeout": 300,
    "method": "aes-256-gcm"
}
EOF

Start and enable on boot:

systemctl enable shadowsocks-libev
systemctl start shadowsocks-libev
systemctl status shadowsocks-libev

Verify it listens on 0.0.0.0:2640 (not 127.0.0.1).

4. Reload and Restart Service (Required Troubleshooting)

Run these commands to ensure the daemon is reloaded and the service correctly applies the configuration:

systemctl stop shadowsocks-libev
systemctl daemon-reload
systemctl restart shadowsocks-libev

5. Open Firewall Port

ufw allow 2640/tcp
ufw allow 22/tcp
ufw --force enable
ufw status

DigitalOcean users: Networking → Firewalls → add inbound rule TCP 2640, then attach the firewall to your Droplet.

6. Clash Config

Replace YOUR_SERVER_IP and YOUR_PASSWORD. Port must match step 3.

mixed-port: 7890
allow-lan: false
mode: rule

dns:
  enable: true
  enhanced-mode: fake-ip
  nameserver: [223.5.5.5, 119.29.29.29]
  fallback: [1.1.1.1, 8.8.8.8]

proxies:
  - name: monkey
    type: ss
    server: YOUR_SERVER_IP
    port: 2640
    cipher: aes-256-gcm
    password: "YOUR_PASSWORD"

proxy-groups:
  - name: PROXY
    type: select
    proxies:
      - monkey
      - DIRECT

rules:
  - GEOIP,CN,DIRECT
  - MATCH,PROXY

Save as config.yml, load in Clash for Windows. Or config.yaml for FlClash.

7. Uninstall & Cleanup (Optional)

If you need to completely stop the service, remove shadowsocks, and clean up all configurations and firewall rules, run the following:

# Stop and disable the service
systemctl stop shadowsocks-libev
systemctl disable shadowsocks-libev

# Purge the package and automatically remove dependencies
apt purge -y shadowsocks-libev
apt autoremove -y

# Remove the configuration folder
rm -rf /etc/shadowsocks-libev

# Remove the firewall rule (if you added it)
ufw delete allow 2640/tcp
Location: Hefei, Anhui, China

Comments

Post a Comment