/en/docs/features/common/network/ Recent content in Communication Security and Optimization on frp Hugo en /en/docs/features/common/network/network/ Mon, 01 Jan 0001 00:00:00 +0000 /en/docs/features/common/network/network/ Encryption and Compression Note: When TLS is enabled between frpc and frps, traffic will be globally encrypted, and encryption on individual proxies is no longer needed. This is enabled by default in newer versions. Each proxy can choose whether to enable encryption and compression features. The encryption algorithm uses aes-128-cfb, and the compression algorithm uses snappy. Specify in each proxy’s configuration using the following parameters: [[proxies]] name = "ssh" type = "tcp" localPort = 22 remotePort = 6000 transport. /en/docs/features/common/network/network-tls/ Mon, 01 Jan 0001 00:00:00 +0000 /en/docs/features/common/network/network-tls/ transport.useEncryption and STCP functions can effectively prevent traffic content from being stolen during communication, but cannot determine whether the other party’s identity is legitimate, posing a risk of man-in-the-middle attacks. For this reason, frp supports traffic encryption between frpc and frps through TLS protocol, and supports client or server unidirectional verification, bidirectional verification, and other functions. When transport.tls.force = true in frps.toml, it means the server only accepts TLS connection clients, which is also a prerequisite for frps to verify frpc identity.