diff --git a/CHANGELOG b/CHANGELOG
index a241863..08b0e1b 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,4 +1,8 @@
 proxy更新日志
+v5.2
+1.修复了反向代理无法正常工作的问题.
+2.修复了自定义加密导致HTTP(S)\SPS反向代理无法正常工作的问题.
+
 v5.1
 1.优化了kcp默认mtu配置,调整为450.
 2.优化了HTTP(S)\SOCKS5代理智能判断，更加精确。
diff --git a/services/sps/sps.go b/services/sps/sps.go
index 68591c7..60b6f29 100644
--- a/services/sps/sps.go
+++ b/services/sps/sps.go
@@ -17,6 +17,7 @@ import (
 	"github.com/snail007/goproxy/services/kcpcfg"
 	"github.com/snail007/goproxy/utils"
 	"github.com/snail007/goproxy/utils/conncrypt"
+	"github.com/snail007/goproxy/utils/sni"
 	"github.com/snail007/goproxy/utils/socks"
 )
 
@@ -218,7 +219,7 @@ func (s *SPS) OutToTCP(inConn *net.Conn) (err error) {
 	bInConn.ReadByte()
 	bInConn.UnreadByte()
 
-	n := 8
+	n := 2048
 	if n > bInConn.Buffered() {
 		n = bInConn.Buffered()
 	}
@@ -228,12 +229,12 @@ func (s *SPS) OutToTCP(inConn *net.Conn) (err error) {
 		(*inConn).Close()
 		return
 	}
-
+	isSNI, _ := sni.ServerNameFromBytes(h)
 	*inConn = bInConn
 	address := ""
 	var auth socks.Auth
 	var forwardBytes []byte
-	//fmt.Printf("%v", header)
+	//fmt.Printf("%v", h)
 	if utils.IsSocks5(h) {
 		if *s.cfg.DisableSocks5 {
 			(*inConn).Close()
@@ -251,7 +252,7 @@ func (s *SPS) OutToTCP(inConn *net.Conn) (err error) {
 		}
 		address = serverConn.Target()
 		auth = serverConn.AuthData()
-	} else if utils.IsHTTP(h) {
+	} else if utils.IsHTTP(h) || isSNI != "" {
 		if *s.cfg.DisableHTTP {
 			(*inConn).Close()
 			return