Signal: Help People In Iran Reconnect to Signal

~4 min read | Published on 2022-09-23, tagged IranSignal using 804 words.

Signal is currently blocked in Iran, according to a Signal blog post with instructions on setting up a proxy server.
Via Signal:
Signal is currently blocked in Iran. To help people in the country access Signal, we are republishing and revising a post that we originally posted in February, 2021 during a very similar situation in Iran.

Signal TLS Proxy on GitHub

If you are willing and able, please follow the instructions below to set up a proxy server that will enable people in Iran to connect to Signal. We are grateful to the community who pitches in to help each other during these moments.
If you are currently running a proxy, you will need to make some updates to ensure it continues to function. Update instructions are here.
As an interim solution to help people in Iran get connected to Signal, we’ve added support in Signal for a simple TLS proxy that is easy to set up, can be used to bypass the network block, and will securely route traffic to the Signal service.
This connection method is supported in the Signal Android app. Our hope is that this will help people in Iran start communicating on Signal while we continue to explore additional censorship circumvention techniques that will work there.How to act as a proxy
If you want to help by running a proxy, to get started you only need the following:
A server with ports 80 and 443 available.*A domain name (or subdomain) that points to the server’s IP address.
The proxy is extremely lightweight. An inexpensive and tiny VPS can easily handle hundreds of concurrent users. Here’s how to make it work:[
  • SSH into the server.*Install Docker, Docker Compose, and git:
  • <code>sudo apt update && sudo apt install docker docker-compose git</code>
  • Clone the Signal TLS Proxy repository:
  • <code>git clone </code><code></code>[
  • Enter the repo directory:
  • <code>cd Signal-TLS-Proxy</code>
  • Run the helper script that configures and provisions a TLS certificate from Let’s Encrypt:
  • <code>sudo ./</code>
  • You will be prompted to enter the domain or subdomain that is pointing to this server’s IP address.
  • Use Docker Compose to launch the proxy:
  • <code>sudo docker-compose up --detach</code>
  • Your proxy is now running! You can share your proxy with friends and family using this URL format: <code></code><code><your_domain_name></code>

    Signal TLS Proxy on GitHub

    The Signal Android app is registered to handle links from <code></code>. The app can automatically configure proxy support when you tap on a link from any other app. This step happens before any web request is made, so even if a censor tries to block that domain it won’t accomplish anything. You can also manually configure proxy information in your Signal Settings too.An unorthodox-y proxy
    Unlike a standard HTTP proxy, connections to the Signal TLS Proxy look just like regular encrypted web traffic. There’s no <code>CONNECT</code> method in a plaintext request to reveal to censors that a proxy is being used. Valid TLS certificates are provisioned for every proxy server, making it more difficult for censors to fingerprint the traffic than it would be if static self-signed certificates were used instead. In short, everything is designed to blend into the background as much as possible.
    The Signal client establishes a normal TLS connection with the proxy, and the proxy simply forwards any bytes it receives to the actual Signal service. Any non-Signal traffic is blocked. Additionally, the Signal client still negotiates its standard TLS connection with the Signal endpoints through the tunnel.
    This means that in addition to the end-to-end encryption that protects everything in Signal, all traffic remains opaque to the proxy operator.Get the word out: use hashtag #IRanASignalProxy
    If you set up a Signal Proxy and you want to let the world know, you can use the hashtag #IRanASignalProxy.
    When you publicly post a <code></code> link, or if a particular server becomes too popular, it increases the chance that Iranian censors will simply add those IPs to their block list.
    A more discreet approach would be to only send the link via a DM or a non-public message. You can post something like this on your favorite social network:
    #IRanASignalProxy Reply to this thread if you want the connection details, and follow me so I can DM you the link.
    Although it’s easy to launch new proxies if one gets blocked, we want to do everything we can to make things as difficult for Iranian censors as possible. As long as there are servers in the world, there is no limit to the number of Signal TLS Proxies that people can run.

    Signal TLS Proxy on GitHub

    Only the start of the proxy battle
    We hope that organizations and individuals will step up to run Signal TLS Proxy servers for Iranian users and help coordinate their distribution. We’re also continuing to investigate other techniques that are more automated and convenient.
    Like everyone else in the world, people in Iran deserve privacy. We hope this helps, and thank you sincerely to our community for stepping up.

    Comments (7)


    O ya and, put some ***signal*** on that iPhone cabron! You could also use Google Voice or Skype, really depends on your access to: local Wi-Fi, phones and laptops, crypto, an ***imagination*** <- definitely death penalty in China hahahaha


    When the lights go out, it’s nice to know there is something out there




    That asswad up there is trying to plug a vpn owned by A CHINESE COMPANY. Free Iran!


    It's all fully useless since no matter which proxy you use Iran cans very well block all SMS messages containing 'Your Signal verification code is' from entering the country at the Telco level. Signal should just ditch these dumbass centralized phone numbers. Phone numbers are vulnerable to DoS attacks if the Telcos lick the big daddy govt & refuse to deliver SMS verification codes. Session is like Signal but without crappy phone numbers. Use that instead.


    good thing, use tg


    ***Fr33 Iran*** long live Iran, I mean 1 fuck around country is all you really need in the nuclear game and that’s really when the negotiator rhetoric adjusts dude ***Iranian people be tru3***