Understanding the technology behind your VPN empowers you to make an informed choice. Here is a transparent overview of how Redgate works.
Core Protocol: V2Ray / Xray
Redgate uses the V2Ray (and its successor Xray) framework as the foundation for all encrypted tunnels. V2Ray supports multiple inbound/outbound proxy protocols and is designed to be modular, allowing us to quickly adapt to new censorship techniques without app updates.
Default tunnel configuration:
- Protocol: VLESS / VMess
- Transport: WebSocket over TLS (port 443)
- Encryption: TLS 1.3 with AES-256-GCM
- Obfuscation: Traffic mimics standard HTTPS, indistinguishable from regular web browsing
Infrastructure
Our server infrastructure is hosted on enterprise-grade cloud platforms. All servers run hardened Linux, with automatic security patches applied weekly. Server-to-server links are also encrypted, ensuring end-to-end protection even when your traffic traverses multiple relay nodes.
Device Security
Redgate apps implement a kill switch that instantly blocks all internet traffic if the VPN tunnel drops unexpectedly. This prevents accidental data leakage outside the encrypted tunnel. DNS leak protection is enabled by default, routing all DNS queries through our private resolvers.
Account Security
User credentials are stored using bcrypt hashing with high work factors. Passwords are never stored in plain text and are never transmitted in cleartext. All API communication between the Redgate app and our servers uses HTTPS with certificate pinning to prevent man-in-the-middle attacks.
Continuous Improvement
We monitor the security landscape continuously and update our protocols in response to new threats. When a major vulnerability is discovered in any of our dependencies, we issue an emergency patch within 24 hours. Our infrastructure is regularly audited by internal security reviews.
Security is not a feature — it is the foundation of everything we build at Redgate.
