You could use Whonix as well. (Not supported or created by the Tor Project) https://whonix.org/
There is still opportunity for info leakage, so its best to not store identifying info inside the workstation if you are running a hidden service.
You can also set Tor-level cookie authentication if your service is private. See the Tor manual for that.
Send tor-onions mailing list submissions to
tor-onions@lists.torproject.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions
or, via email, send a message with subject or body 'help' to
tor-onions-request@lists.torproject.org
You can reach the person managing the list at
tor-onions-owner@lists.torproject.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of tor-onions digest..."
Today's Topics:
1. Re: Hidden Service IP Addresses (ncl@cock.li)
----------------------------------------------------------------------
Message: 1
Date: Sun, 3 Jul 2016 19:47:28 +0000
From: "ncl@cock.li" <ncl@cock.li>
To: tor-onions@lists.torproject.org
Subject: Re: [tor-onions] Hidden Service IP Addresses
Message-ID: <57796BD0.6000002@cock.li>
Content-Type: text/plain; charset=utf-8
Flipchan:
> Most Common is that an attacker gets root access or finds an rce bug
> on ur system and useage that to login to ur sys and by that gettin
> the ip,u can ofc run the site with a usr account and proxy all
> connections through tor with ip tables
What
------------------------------
Subject: Digest Footer
_______________________________________________
tor-onions mailing list
tor-onions@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions
------------------------------
End of tor-onions Digest, Vol 7, Issue 2
****************************************