Using Logrus in China and Iran

TL;DR

1. Settings → Strategy → Hardened mode.
2. Pick a server tagged China-ready (green flag in the list).
3. On first launch in a hostile network, wait 10–30 seconds — the app iterates through transports automatically.

What hardened is

Default mode uses fast AEAD operations with open length fields. In China and Iran, DPI can classify the traffic as VPN-like off those fields. In hardened we encrypt frame lengths — the traffic looks like random bytes to DPI.

Details in the blog post China mode: how hardened obfuscation works.

Domain fronting

Hardened mode is complemented by domain fronting: on first connection we route through a Cloudflare / Google / AWS domain so the handshake looks like a request to a popular site. It doesn't hide the payload but it hides the fact of connecting to our server.

Recommendations

• Don't connect to non-China-ready servers — they may work but with heavy disruptions.
• Extremely hostile networks (e.g. corporate Wi-Fi in China) — enable multi-hop: traffic goes through an intermediate node in a neighbouring country, then to the destination server. Settings → Routing → Multi-hop.
• TCP vs UDP: in harsh networks UDP is often throttled entirely. If QUIC doesn't go through, the client automatically tries TCP-based transports.

When to contact support

If you can't connect in 3–5 minutes, don't waste time on manual attempts — email support with your region and ISP. We maintain an internal list of known "hostile" ISPs and specialised configs for them.