[tor-onions] Automatic "Onionification" of existing websites
Fabio Pietrosanti (naif) - lists
lists at infosecurity.ch
Sun Jan 31 11:07:36 UTC 2016
On 1/31/16 11:27 AM, Alec Muffett wrote:
> I'd recommend targeting a few platforms (debian + ubuntu + centos ?)
> with a set of tools to set up a couple of webservers (apache, nginx) and
> CMSes (wordpress, ...?):
>
> - platform hardening
> - tor daemon and setup
Regarding Tor, it can be config-less following the implementation of
https://trac.torproject.org/projects/tor/ticket/6411 in Tor 0.2.7 .
That way it's possible to avoid dumping to filesystem the TorHS
descriptors or having to modify the torrc, with all those logic to be
possibly handled by the webserver modules supporting "onionification" .
Regarding massive scale deployment, there is this limit actually
https://trac.torproject.org/projects/tor/ticket/15251 that we
encountered when thinking about "OnionFlare"
https://github.com/globaleaks/Tor2web/issues/228 as a way to easily
"Onionize" an existing HTTPS website, by putting that feature into Tor2web.
> - web-server config
I feel that on Apache there should be an application module, like
mod_tor, that once enabled will allow to do something like "OnionService
on" in the <VirtualHost> directive, having the rest happening in a
auto-magic way.
> - cms config
>
> ...then put it all up on GitHub for review.
>
> From past experience* a modular approach, treating each of these tasks
> separately, works best.
>
> -a
>
> * http://www.securityfocus.com/tools/1774
>
>
>
> _______________________________________________
> tor-onions mailing list
> tor-onions at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions
>
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - https://tor2web.org -
https://ahmia.fi
More information about the tor-onions
mailing list