Hi Jason,

thank You for Your E-mail.

At the moment I`m only searching for some solutions (webapps) which are commonly use in the deep net. I`m using Drupal in the real internet but in my opinion Drupal is too heavy for Tor. To run Drupal on normal server I have to use a lot of different PHP modules, caching system, databases etc.etc. In Tor environment it will only generate new possibilities to crack the system.

I`m searching for some flat file CMSes with an interraction possibility ( comments for example). Maybe You know something ? 

In Tor deep net usually You can find some content which is not allowed in the normal internet. I would like "to pump" to Tor deep websites also some normal useful informations. I know plenty of users which would like to do it - but as I said, without expert knowledge its really difficult to keep this kind of service online for a longer time.

Is there any solution for masses ? I mean for people with minimum knowledge about tor? Is there any Linux distro for example with preconfigured CMS where user can simply start it and start to publish informations ?

Cheers
Dlugasny




Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Tuesday, November 27, 2018 3:55 AM, J. S. Evans <jsevans@pm.me> wrote:

Hi, I've done a little work with this. I am currently running Wordpress as a personal blog and it works fine. I would first set up a basic Drupal website and put it online and test to see if it has any major problems that would cause it to identify you or your users. The following links are from another user on this list. They are for an application that will test your website for some basic privacy vulnerabilities.

Here's the website:
https://onionscan.org/

Here's the code, along with build instructions (it's written in golang):
https://github.com/s-rah/onionscan



Secondly, I would research Drupal hardening. It looks like https://www.drupal.org/security/secure-configuration is a good way to begin. Since I don't use Drupal, I can't give any specific pointers.

Finally, what do you want your website to do? If it is just for sharing information, flat html and text files without forms/javascript are the #1 most secure way to share information. If there is no interactivity, there is very little chance that anyone can hack you or reveal your identity or the identity of your viewers.

Jason 


‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Monday, November 26, 2018 11:12 PM, <dlugasny@protonmail.com> wrote:

Hi,

I just would like to know which CMS is commonly used for Tor Hidden websites ? Which software YOu suggest to create some small hidden website ?
Do You use cmses without databases or with DB ?

I`m drupal user, do You think that drupal is secure enought to use it as cms for hidden website.

Thanks in advance for any advices.

Cheers
Dlugasny


Sent with ProtonMail Secure Email.