███╗   ███╗ ██████╗  █████╗ ██╗   ██╗
 ████╗ ████║██╔═══██╗██╔══██╗██║   ██║
 ██╔████╔██║██║   ██║███████║██║   ██║
 ██║╚██╔╝██║██║   ██║██╔══██║╚██╗ ██╔╝
 ██║ ╚═╝ ██║╚██████╔╝██║  ██║ ╚████╔╝
 ╚═╝     ╚═╝ ╚═════╝ ╚═╝  ╚═╝  ╚═══╝

Mother of all VPNs

Multi-protocol Internet censorship circumvention stack
optimized for hostile network environments

Quick Install
$ curl -fsSL moav.sh/install.sh | bash
View on GitHub Documentation

Multi-Protocol Arsenal

Multiple protocols, one stack. If one is blocked, others take over.

Stealth Proxies

Reality (VLESS), Hysteria2, Trojan. Look like normal HTTPS. CDN mode routes through Cloudflare when IP is blocked.

443/tcp · 443/udp · 8443/tcp · CDN

XHTTP (Xray)

Multiplexed HTTP requests with Reality TLS camouflage. Traffic looks like regular web browsing. No domain needed.

2096/tcp · Xray-core

WireGuard VPN

Full VPN mode. Direct UDP or tunneled over WebSocket (wstunnel) when UDP is blocked.

51820/udp · 8080/tcp

AmneziaWG

Obfuscated WireGuard that defeats deep packet inspection. Same speed, invisible to DPI filters.

51821/udp

DNS Tunnels

Last resort when everything else is blocked. XDNS (FinalMask, enabled by default), dnstt, and Slipstream (QUIC-over-DNS).

53/udp · Xray-core

Telegram MTProxy

Fake-TLS V2 proxy for direct Telegram access. Mimics IMAPS traffic, works without a domain.

993/tcp

Psiphon Conduit

Donate bandwidth to help others bypass censorship. Support the global anti-censorship network.

Psiphon Network

Tor Snowflake

Donate bandwidth to the Tor network. Help Tor users bypass censorship worldwide.

Tor Network

TrustTunnel

HTTP/2 and QUIC tunneling. Looks exactly like normal HTTPS traffic to deep packet inspection.

4443/tcp+udp

Your Protocol?

Easy to add new protocols! Know one that should be here? Let us know.

Request Send PR

See client apps to connect with these protocols.

Why MoaV?

Internet access is a human right. MoaV exists because censorship shouldn't.

When governments shut down the internet, people lose access to news, banking, healthcare, and contact with family. MoaV provides 16+ fallback protocols so when some are blocked, others keep working.
Run your own server, share with trusted people, or donate bandwidth for a global internet access.

Deploy in Minutes

Single command setup. Docker Compose handles the rest. No manual configuration needed.

Multi-User Ready

Create, revoke, and manage users independently. Each user gets unique credentials.

Stealth First

All traffic looks like normal HTTPS, WebSocket, DNS, or IMAPS. Decoy website included.

Protocol Fallback

If one protocol is blocked, others automatically take over. Multiple layers of redundancy.

Cross-Platform

Works with popular clients on iOS, Android, macOS, Windows, and Linux.

Open Source

Fully transparent. Audit the code, contribute, or fork. MIT licensed.

Donate Bandwidth

Your server can help millions. Donate bandwidth to Psiphon Conduit (millions of users worldwide), Tor Snowflake, or share VPN configs to Mahsa VPN.
One command: moav donate.

Self-Hosted Freedom

Your server, your rules. No third-party services, no subscriptions, no data collection. Full control.

See It In Action

From zero to all protocols running in minutes

01

Quick Installation

Demo coming soon

Click to enlarge
02

Setup & Bootstrap

Demo coming soon

Click to enlarge
03

Admin & User Management

Web-based admin panel

Prometheus stats, user management, config bundles, MahsaNet donations

Click to enlarge
05

Service Management

Demo coming soon

Click to enlarge
06

Grafana Monitoring

Real-time metrics

Per-user traffic, protocol breakdown, country distribution

Click to enlarge
08

User Config Bundles

Config bundles with QR codes

Zip, share, scan, connect

Click to enlarge

Architecture Overview

                                                              ┌───────────────┐  ┌───────────────┐
       ┌───────────────┐                                      │ Psiphon Users │  │   Tor Users   │
       │  Your Clients │                                      │  (worldwide)  │  │  (worldwide)  │
       │   (private)   │                                      └───────┬───────┘  └───────┬───────┘
       └───────┬───────┘                                              │                  │
               │                                                      │                  │
               ├─────────────────┐                                    │                  │
               │                 │ (when IP blocked)                  │                  │
               │          ┌──────┴───────┐                            │                  │
               │          │ Cloudflare   │                            │                  │
               │          │  CDN (VLESS) │                            │                  │
               │          └──────┬───────┘                            │                  │
               │                 │                                    │                  │
┌──────────────╪─────────────────╪────────────────────────────────────╪──────────────────╪─────────┐
│              │                 │          Restricted Internet       │                  │         │
└──────────────╪─────────────────╪────────────────────────────────────╪──────────────────╪─────────┘
               │                 │                                    │                  │
╔══════════════╪═════════════════╪════════════════════════════════════╪══════════════════╪═════════╗
║              │                 │                                    │                  │         ║
║     ┌────────┼─────────────────┼───────┼──────┐                     │                  │         ║
║     │        │         │       │       │      │                     │                  │         ║
║     ▼        ▼         ▼       ▼       ▼      ▼                     ▼                  ▼         ║
║ ┌─────────┐┌─────────┐┌───────┐┌─────────┐┌────────┐          ┌───────────┐      ┌───────────┐   ║
║ │ Reality ││WireGuard││ Trust ││  DNS    ││Telegram│          │           │      │           │   ║
║ │ 443/tcp ││51820/udp││Tunnel ││ 53/udp  ││MTProxy │          │  Conduit  │      │ Snowflake │   ║
║ │ Trojan  ││AmneziaWG││4443/  │├─────────┤│993/tcp │          │  (donate  │      │  (donate  │   ║
║ │8443/tcp ││51821/udp││tcp+udp││  dnstt  │└───┬────┘          │ bandwidth)│      │ bandwidth)│   ║
║ │Hysteria2││wstunnel ││       ││Slipstrm │    │               └─────┬─────┘      └─────┬─────┘   ║
║ │ 443/udp ││8080/tcp ││       │└────┬────┘    │                     │                  │         ║
║ │ CDN WS  │└────┬────┘└───┬───┘     │         │                     │                  │         ║
║ │2082/tcp │     │         │         │         │  ┌────────────────┐ │                  │     M   ║
║ ├─────────┤     │         │         │         │  │ Grafana  :9444 │ │                  │     O   ║
║ │ sing-box│     │         │         │         │  │ Prometheus     │ │                  │     A   ║
║ └────┬────┘     │         │         │         │  └────────────────┘ │                  │     V   ║
║      │          │         │         │         │                     │                  │         ║
╚══════╪══════════╪═════════╪═════════╪═════════╪═════════════════════╪══════════════════╪═════════╝
       │          │         │         │         │                     │                  │
       ▼          ▼         ▼         ▼         ▼                     ▼                  ▼
┌─────────────────────────────────────────────────────────────────────────────────────────────────┐
│                                        Open Internet                                            │
└─────────────────────────────────────────────────────────────────────────────────────────────────┘

Quick Start

From zero to running in minutes. Use the one-liner or manual setup.

1

Install with One Command

Terminal 
curl -fsSL moav.sh/install.sh | bash

Installs Docker, clones MoaV, prompts for domain/email/password, and starts the interactive setup.

Manual install (alternative)
Terminal 
git clone https://github.com/shayanb/MoaV.git
cd MoaV
cp .env.example .env
nano .env  # Set DOMAIN, ACME_EMAIL, ADMIN_PASSWORD
./moav.sh
2

Use the CLI

Terminal 
moav                   # Interactive menu
moav start             # Start services
moav user add joe      # Add a user
moav update            # Update MoaV

After installation, use moav from anywhere. Run moav help for all commands.

3

Download Configs & Connect

Download user bundles from the admin dashboard at https://your-server:9443, or scan QR codes directly from the terminal. Each bundle contains configs for all protocols.

📱 iOS
Happ Streisand Hiddify V2Box Shadowrocket ($) sing-box WireGuard Onion Browser Psiphon
🤖 Android
Happ v2rayNG Hiddify NekoBox V2Box WireGuard Tor Browser Psiphon
🪟 Windows
v2rayN Hiddify Clash Verge WireGuard Tor Browser Psiphon
🍎 macOS
v2rayN Hiddify Clash Verge WireGuard Tor Browser Psiphon
🐧 Linux
sing-box Hiddify Clash Verge WireGuard Tor Browser

Support the Project

Help keep the internet free and open

Run & Share MoaV

Deploy it on your server and help others connect. Every node strengthens the network.

Improve the Code

Contribute on GitHub. Fix bugs, add features, improve docs. Every PR helps.

Test & Share Feedback

Try it with friends, report issues, share success stories. Real-world testing is invaluable.

MoaV Technical Summary

MoaV (Mother of all VPNs) version 1.7.2 is a free, open-source, self-hosted censorship circumvention stack designed for countries with heavy internet censorship such as Iran, China, and Russia. It deploys 16+ anti-censorship protocols in a single Docker Compose command: Reality (VLESS) for TLS camouflage, XHTTP via Xray-core for multiplexed HTTP with Reality camouflage requiring no domain, XDNS via Xray-core FinalMask for DNS tunnel that works during heavy internet shutdowns (enabled by default since v1.7.2), Trojan for HTTPS mimicry, Hysteria2 for QUIC-based fast connections, TrustTunnel for HTTP/2 and QUIC tunneling, AmneziaWG for DPI-resistant obfuscated WireGuard, CDN mode routing VLESS through Cloudflare or AWS CloudFront, standard WireGuard with optional WebSocket tunneling, DNS tunneling via dnstt and Slipstream (QUIC-over-DNS), Telegram MTProxy with anti-DPI tuning (17 configurable settings), Psiphon Conduit for bandwidth donation, Tor Snowflake for Tor network support, and MahsaNet config donation to Mahsa VPN (2M+ users in Iran).

Key features include: GeoIP country distribution showing where users connect from on Grafana dashboards (powered by DB-IP Lite, fully offline), web-based admin dashboard on port 9443 with Prometheus-backed aggregate stats across all protocols, Grafana monitoring on port 9444 with per-user traffic metrics and geographic distribution, MahsaNet/MahsaAlert integration to donate VPN configurations to Mahsa VPN (over 2 million users in Iran) using the 'moav donate' command, automatic protocol fallback when individual protocols are blocked, Docker security hardening with cap_drop ALL and read-only filesystems, multi-user credential management with downloadable config bundles and QR codes, moav doctor diagnostics with DNS zone file export, shell autocompletion for bash and zsh, domainless deployment mode for servers without a domain name, and a decoy website with anti-fingerprinting randomization.

Installation: curl -fsSL moav.sh/install | bash. Source code: github.com/shayanb/MoaV. License: MIT. The project has an active open-source community contributing via GitHub issues and pull requests.