[tor-talk] Onion website on "usual" server
Mirimir
mirimir at riseup.net
Sat Apr 13 20:36:02 UTC 2019
On 04/13/2019 01:28 AM, xxx wrote:
> Hello,
>
> I am running a dedicated box (Centos 7-64) with a few usual domains and
> websites.
>
> Is it possible to host an .onion website there? If so, how to setup, is
> it safe (so that the .onion site IP won't be disclosed)?
>
> Thank you!
Read the stuff that Cyaniventer linked, for sure.
But here's the problem. You run some web server, hosting (I gather)
multiple websites. That implies that you understand how to do that.
If you do, you just add another site to the config, which binds only to
127.0.0.1 using a different port (say 8000). Then you setup an onion
service that points to 127.0.0.1:8000. Also, you make sure that none of
your clearnet sites bind to 127.0.0.1 (just in case).
Even so, that's a little fragile. Mistakes happen. And there's the issue
of web server error messages from the onion site going to clearnet.
That's one of the mistakes that got DPR pwned.
The safest bet is running KVM on your server, and using a VM for the
onion site. And if that's too heavy, even Docker would help.
More information about the tor-talk
mailing list