VPN Turkey
Three escalation levels of censorship resistance
Multi-mode VPN system optimised for users in Turkey: Standard (WireGuard), Stealth (VLESS+REALITY), and Maximum Bypass (VLESS+WebSocket+TLS). Encrypted DNS, web management panel, AI-driven monitoring with auto-fix.
Open the live appproblem
Turkey's censorship rotates blocking strategies fast — DNS poisoning, SNI fingerprinting, deep packet inspection. A single VPN protocol is a single point of failure.
solution
Three-protocol stack with a web panel that issues per-user VLESS UUIDs, hot-reloads server config on change, and generates QR codes for mobile clients. Encrypted DNS (DoH) prevents poisoning; AI monitoring (Uptime Kuma + Ollama) auto-fixes common breakages, and the host VPS auto-recovers via the Hostinger API.
architecture
external → compute → store → ui
outcome
A VPN that escalates: most users on Standard, switches to Stealth when the obvious protocol gets blocked, and falls back to Max Bypass when even SNI is being inspected.
stack
capabilities
- →Three escalation modes
- →Encrypted DNS to prevent poisoning
- →Web panel with self-service registration
- →QR code config for mobile
- →AI-driven monitoring with auto-fix
- →VPS-level auto-recovery
lessons learned
- 01Censorship rotates. A single-protocol VPN is fragile by design — escalation is the architecture.
- 02Self-service registration with QR codes removed about 90% of the support questions.
- 03The auto-recovery loop (panel → monitoring → Hostinger API) was harder to get right than the VPN itself.