skip to Main Content

The ISP in my country block my website for a political reasons.

In the first time, they block my website IP address, so every time they block the IP, I change the IP to a new one, so I can avoid the block.

But now, they block my website by block the name of Host, so All IPs blocked.

is there a way to encrypt Host header with HTTPS?

or any one have idea to avoid the block

3

Answers


  1. is there a way to encrypt Host header with HTTPS?

    The Host header is encrypted when HTTPS is used. This means they cannot block based on this. They might use DNS based blocking or SNI based blocking using Deep Packet Inspection.

    Both can usually not be bypassed by simply making changes to your website (except for changing the domain name), i.e. client side support like using a different DNS server, using a VPN or similar would be required to bypass the block. While ESNI (encrypted SNI) might be an option in theory, some states like China simply block such traffic they can not analyze. There is fantastic research about bypassing censorship in various countries and there are a few tricks which can be employed server side. But the details very much depend on how exactly the blocking works in your specific case – which is unknown.

    Login or Signup to reply.
  2. HTTP Host header is encrypted in HTTPS, but SSL Certificate hostname (Server Name Indication) isn’t. So you have to bypass SNI-based HTTPS Filtering.

    For the details try this document Efficiently Bypassing SNI-based HTTPS Filtering

    Login or Signup to reply.
  3. https://blog.cloudflare.com/encrypted-sni/

    Perhaps TLS 1.3 could help with encrypted SNIs

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search