// the find
MHSanaei/3x-ui
Xray panel supporting multi-protocol multi-user expire day & traffic & IP limit (Vmess, Vless, Trojan, ShadowSocks, Wireguard, Hysteria, Tunnel, Mixed, HTTP, Tun)
A web admin panel for Xray-core proxy servers, targeting operators who need to manage multi-protocol, multi-user deployments without hand-editing JSON configs. The core value is per-client provisioning: traffic quotas, expiry dates, IP limits, subscription links, QR codes — all from a single UI. Primary real-world use is censorship circumvention infrastructure.
Protocol and transport breadth is the real deal: REALITY, XHTTP, Hysteria2, WireGuard, fallbacks on a single port — each combination has dedicated UI forms rather than raw JSON editing. Per-client lifecycle management (traffic caps, expiry, Fail2ban IP limits, live online status) is what actually makes this useful for multi-user deployments vs running xray manually. The frontend is built properly — React/TypeScript, OpenAPI-first with generated Zod validators, not a jQuery admin panel stapled to a Go backend. The installer is thoughtful: unattended cloud-init mode, random credential generation, SQLite-to-PostgreSQL migration with the source file left intact until you verify.
The admin panel runs on the same host as your proxy exit node with no documentation on network separation; an attacker who finds the panel URL gets a management interface to your entire tunneling infrastructure. Telegram bot integration is presented as a feature but it's an attack surface: compromise your Telegram account and you own the server. The SQLite default will degrade under write pressure from active multi-user deployments; per-client traffic accounting is write-heavy and WAL (write-ahead logging) has limits, but the docs only recommend PostgreSQL for 'high client counts' without giving you a number to calibrate against. The 'personal use only' disclaimer sits in the README while the feature set is clearly built for multi-tenant commercial deployments; this tension means the project avoids addressing the legal and operational concerns its actual users have.