Hi, I've done a little work with this. I am currently running Wordpress as a personal blog and it works fine. I would first set up a basic Drupal website and put it online and test to see if it has any major problems that would cause it to identify you or your users. The following links are from another user on this list. They are for an application that will test your website for some basic privacy vulnerabilities.

Here's the website:
https://onionscan.org/

Here's the code, along with build instructions (it's written in golang):
https://github.com/s-rah/onionscan



Secondly, I would research Drupal hardening. It looks like https://www.drupal.org/security/secure-configuration is a good way to begin. Since I don't use Drupal, I can't give any specific pointers.

Finally, what do you want your website to do? If it is just for sharing information, flat html and text files without forms/javascript are the #1 most secure way to share information. If there is no interactivity, there is very little chance that anyone can hack you or reveal your identity or the identity of your viewers.

Jason 


‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Monday, November 26, 2018 11:12 PM, <dlugasny@protonmail.com> wrote:

Hi,

I just would like to know which CMS is commonly used for Tor Hidden websites ? Which software YOu suggest to create some small hidden website ?
Do You use cmses without databases or with DB ?

I`m drupal user, do You think that drupal is secure enought to use it as cms for hidden website.

Thanks in advance for any advices.

Cheers
Dlugasny


Sent with ProtonMail Secure Email.