From ca6458acade62033f5ffceb24d7e7a4d149ac670 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Tue, 31 Dec 2024 20:41:19 -0500 Subject: [PATCH] Update README for latest HTTPS only changes --- README.md | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 6bd0dc0..b6c5d37 100644 --- a/README.md +++ b/README.md 
@@ -13,24 +13,16 @@ To start the proxy server: ``` heavypin-server -p password ``` -This will start an HTTP server on `:80`. You can use this port directly as is, however, you should setup a reverse HTTPS proxy (using Nginx or Apache) from `:443` to `:80` if possible to better obfuscate the connection and hide the fact that you are proxying your traffic through that port. This makes the connection much harder to detect and block, especially for censors that actively monitor your network traffic. For the password, choose anything that is reasonably long and unguessable. It's only used to protect against active probing, though, so the password you choose won't affect the security or privacy of your connection. +This will start an HTTPS server on `:443` using a self-signed RSA 4096 certificate generated automatically on runtime. ## Client On your local machine, you will need the client application to connect to the server: ``` go install github.com/HACKERALERT/Heavypin/heavypin-client@latest ``` -Connect to the server by passing in the server's address and password: +Connect to the server by passing in the server's IP address and password: ``` -heavypin-client -s http(s):// -p password -``` -For example, if you are hosting directly on `:80` and have the server IP: -``` -heavypin-client -s http://1.2.3.4 -p password -``` -Or if you are reverse proxying `:443` to `:80` and have a hostname: -``` -heavypin-client -s https://myhostname.com -p password +heavypin-client -s https:// -p password ``` Once the client application connects to the server, it will start a local HTTP proxy on `:8000`. You can then use `http://localhost:8000` as a proxy in your browser or application to securely access the free and open Internet. 
@@ -41,4 +33,4 @@ Heavypin is a mostly experimental and proof-of-concept project to demonstrate an The name "Heavypin" comes from "HTTPS VPN", since it is essentially a "VPN" running over HTTPS. # How It Works -Heavypin is an HTTPS-based proxy, meaning that instead of working with raw sockets, it uses HTTPS as a transport layer for tunneling data. Heavypin starts a local HTTP proxy server to catch your browser's traffic, and then uses many HTTPS requests to the proxy server to forward your traffic to the destination server. Then, through HTTP long polling, the client will fetch responses to previous requests from the proxy server and stream them back to the browser through the local HTTP proxy. Because everything is done over HTTPS, or at least should be, your connection to the proxy server looks like normal web traffic to an unsuspecting observer. This makes it possible to bypass firewalls that block certain ports and protocols. For further resistance against censorship, all traffic between the client and proxy server is randomly padded to protect against basic forms of traffic analysis, and the proxy server is protected against active probing by requiring a password to function. Requests to the proxy server that don't supply the correct password in the header or form data will receive an inconspicuous 404 Not Found, effectively concealing the actual proxy server that lies beneath it. +Heavypin is an HTTPS-based proxy, meaning that instead of working with raw sockets, it uses HTTPS as a transport layer for tunneling data. Heavypin starts a local HTTP proxy server to catch your browser's traffic, and then uses many HTTPS requests to the proxy server to forward your traffic to the destination server. Then, through HTTP long polling, the client will fetch responses to previous requests from the proxy server and stream them back to the browser through the local HTTP proxy. 
Because everything is done over HTTPS, your connection to the proxy server looks like normal web traffic to an unsuspecting observer. This makes it possible to bypass firewalls that block certain ports and protocols. For further resistance against censorship, all traffic between the client and proxy server is randomly padded to protect against basic forms of traffic analysis, and the proxy server is protected against active probing by requiring a password to function. Requests to the proxy server that don't supply the correct password in the header or form data will receive an inconspicuous 404 Not Found, effectively concealing the actual proxy server that lies beneath it.
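Review bot: In the `@@ -13,24 +13,16 @@` hunk, the added sentence "This will start an HTTPS server on `:443` using a self-signed RSA 4096 certificate generated automatically on runtime." never says how the client decides to trust that certificate. With a self-signed certificate the client has to either pin something or skip verification, and the README should state which, because that determines whether anyone other than the real server can answer on that address. The same hunk deletes the guidance on choosing a password ("choose anything that is reasonably long and unguessable") while `-p password` is still required on both the server and client commands. Keep that sentence, and re-check whether the removed claim that the password "won't affect the security or privacy of your connection" still holds under the new setup. Minor wording: "on runtime" should read "at runtime".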
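Review bot: In the `@@ -41,4 +33,4 @@` hunk, dropping ", or at least should be," turns "your connection to the proxy server looks like normal web traffic to an unsuspecting observer" into an unqualified claim, while the first hunk documents an auto-generated self-signed certificate and a server reached by IP address. Anyone who connects to `:443` is shown that certificate, and the 404 response to requests without the password does not hide it, so the paragraph should state this limitation or narrow the wording to "looks like HTTPS traffic". The hunk also splits the paragraph after "through the local HTTP proxy."; if that break is intentional, a blank line between the two paragraphs would make it render as one in Markdown.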