aes-256-cfb is insecure

[fortuna]

You should be using one of the AEAD ciphers instead, since they provide authentication of the encrypted content. Otherwise your server will be unprotected from certain types of attacks: shadowsocks/shadowsocks-org#29

[txthinking]

You may need $ brook server, it uses AEAD and more. :)