
Avoiding Live `VPN/Proxy Detection`

Open underdog-03 opened this issue 11 months ago • 5 comments

To anyone with expertise in this matter,

I’ve been using Xray-core for my VPN setup for quite some time. Previously, I’ve experimented with various VPN setups, including OpenVPN, WireGuard, SoftEther, Mullvad, Proton, and CyberGhost configurations. My goal has always been to establish a highly secure and private personal VPN setup. To that end, I’ve followed all recommended guides and implemented multiple layers of protection, including:

- iptables
- Fail2Ban
- Snort & Suricata
- pfSense
- ModSecurity
- CSF (ConfigServer Security & Firewall)

Despite these efforts, I’ve encountered a recurring issue. When testing my setup using various online proxy and VPN detection tools, such as incolumitas.com, proxydetect.live, and several others, my VPS still appears to expose its VPN/proxy signature. This makes it detectable as a VPN or proxy server, undermining the level of anonymity and privacy I am trying to achieve.

I’ve attached screenshots of the detection results for your reference.

I would sincerely appreciate any advice, suggestions, or detailed guidelines on how to further improve my VPN setup to prevent detection by these online services. If there are advanced techniques for obfuscating VPN/proxy traffic or addressing VPS IP reputation issues, I would be eager to learn and implement them.

Thank you in advance for your time and assistance!

underdog-03, Jan 28 '25 11:01

I have never used these detection services, but for me the reason websites know I'm using a VPN is 99% datacenter IP, most commonly Hetzner's whole ASN, as the biggest network many use as a VPN. These detections may use a way higher weight for the "datacenter IP" result in the final answer. Try to use a lesser-known hosting VPS, or if you really care that much, buy a residential proxy and pass some of your traffic to this proxy, since they are really expensive. Other than this stuff, as a personal user of your own server there is no point in going further down, unless you are using some very sensitive services like crypto websites; then it's worth it.

IMIEEET, Jan 28 '25 17:01

I don't think you understand what you're doing. Most of the stuff you're afraid of will be resolved with a residential IP and an RDP connection instead of a proxy/VPN.

BK8000L, Jan 28 '25 22:01

Thanks, @IMIEEET, for your kind reply.

As you mentioned, residential IPs are the way to go, but they’re extremely expensive for personal use, even for maximum security, banking, and crypto websites.

I’ve been exploring alternatives and was hoping to find out if there are any tricks or obfuscation techniques that could reduce detection, such as latency tests, net resolving, or TCP/IP fingerprinting. I believe there’s not much we can do to bypass datacenter IP detection, but IP timezone mismatches might be manageable if the client device and server share the same timezone.

As I’m new to this field and still learning, I really appreciate your time and input, my friend!

underdog-03, Jan 29 '25 07:01

@BK8000L Thanks for your reply!

Of course, residential IPs are the best for browsing anonymously, bypassing geo blocks, and using proxies and RDP connections for remote access is the easiest solution. However, as I mentioned above and you’re absolutely right, as I’m new to this field and still learning 🙂, I was hoping for alternative suggestions or recommendations from the community. Perhaps others who have faced the same problem in the past or have done research on these matters could share their insights publicly.

But thanks anyway.

underdog-03, Jan 29 '25 07:01

The easiest thing you can do without RDP is use OpenVPN with "tun-mtu 1500" and "mssfix 0" and a server which has low latency to you (15ms or less, I guess), and also change the timezone on your PC. But I doubt that any real websites do such checks.

BK8000L, Jan 29 '25 08:01
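
The signals raised in this thread (datacenter ASN weighting, MTU/MSS, timezone, latency), seen from the detecting side. This is an added example, not part of any comment above and not Xray-core or detection-service code; the field names, weights and thresholds are assumptions for illustration, and the observations are constructed.

```python
# Added example: how a detection service might weigh the signals named in this thread.
from dataclasses import dataclass

IPV4_TCP_HEADERS = 40   # 20-byte IPv4 header + 20-byte TCP header (IPv4 only)
ETHERNET_MTU = 1500
# Assumed weights: the datacenter-ASN hit dominates, as the first reply suggests.
WEIGHTS = {"datacenter_ip": 0.60, "reduced_mtu": 0.15,
           "timezone_mismatch": 0.15, "latency_gap": 0.10}
LATENCY_GAP_MS = 15.0   # assumed threshold, borrowed from the 15 ms figure above
FLAG_AT = 0.5           # assumed decision threshold

@dataclass
class Observation:
    asn_type: str            # "datacenter" / "residential", from an IP-to-ASN lookup
    syn_mss: int             # MSS option in the client's TCP SYN
    ip_utc_offset: int       # minutes, timezone of the IP's geolocation
    browser_utc_offset: int  # minutes, timezone reported by the browser
    tcp_rtt_ms: float        # RTT of the TCP handshake (ends at a proxy, if any)
    app_rtt_ms: float        # RTT measured in the page, e.g. a WebSocket ping

def signals(o: Observation) -> dict:
    return {
        "datacenter_ip": o.asn_type == "datacenter",
        # Tunnel encapsulation lowers the MTU implied by the MSS; PPPoE does
        # too, which is why this signal gets a low weight.
        "reduced_mtu": o.syn_mss + IPV4_TCP_HEADERS < ETHERNET_MTU,
        "timezone_mismatch": o.ip_utc_offset != o.browser_utc_offset,
        # A proxy terminates TCP, so the handshake RTT misses the client leg.
        "latency_gap": o.app_rtt_ms - o.tcp_rtt_ms > LATENCY_GAP_MS,
    }

def score(o: Observation) -> float:
    return round(sum(WEIGHTS[k] for k, hit in signals(o).items() if hit), 2)

def flagged(o: Observation) -> bool:
    return score(o) >= FLAG_AT

# Constructed observations, not measurements from any real service.
HOME = Observation("residential", 1460, 60, 60, 28.0, 31.0)
VPS_DEFAULT = Observation("datacenter", 1380, 60, 210, 4.0, 140.0)
VPS_TUNED = Observation("datacenter", 1460, 60, 60, 4.0, 16.0)

if __name__ == "__main__":
    for name, o in [("home", HOME), ("vps-default", VPS_DEFAULT), ("vps-tuned", VPS_TUNED)]:
        print(f"{name:12} score={score(o):.2f} flagged={flagged(o)}")
```

Under these assumed weights the third observation still scores 0.60 on the datacenter ASN alone, even with the MSS, timezone and latency signals cleared.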