You could use Whonix as well. (Not supported or created by the Tor Project) https://whonix.org/

There is still opportunity for info leakage, so its best to not store identifying info inside the workstation if you are running a hidden service.

You can also set Tor-level cookie authentication if your service is private. See the Tor manual for that.

On Jul 4, 2016 7:00 AM, <tor-onions-request@lists.torproject.org> wrote:
Send tor-onions mailing list submissions to
        tor-onions@lists.torproject.org

To subscribe or unsubscribe via the World Wide Web, visit
        https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions
or, via email, send a message with subject or body 'help' to
        tor-onions-request@lists.torproject.org

You can reach the person managing the list at
        tor-onions-owner@lists.torproject.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of tor-onions digest..."


Today's Topics:

   1. Re: Hidden Service IP Addresses (ncl@cock.li)


----------------------------------------------------------------------

Message: 1
Date: Sun, 3 Jul 2016 19:47:28 +0000
From: "ncl@cock.li" <ncl@cock.li>
To: tor-onions@lists.torproject.org
Subject: Re: [tor-onions] Hidden Service IP Addresses
Message-ID: <57796BD0.6000002@cock.li>
Content-Type: text/plain; charset=utf-8

Flipchan:
> Most Common is that an attacker gets root access or finds an rce bug
> on ur system and useage that to login to ur sys and by that gettin
> the ip,u can ofc run the site with a usr account and proxy all
> connections through tor with ip tables

What


------------------------------

Subject: Digest Footer

_______________________________________________
tor-onions mailing list
tor-onions@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions


------------------------------

End of tor-onions Digest, Vol 7, Issue 2
****************************************