[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Onion website on "usual" server

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Onion website on "usual" server
From: Mirimir <mirimir@xxxxxxxxxx>
Date: Sat, 13 Apr 2019 13:36:02 -0700
Autocrypt: addr=mirimir@xxxxxxxxxx; prefer-encrypt=mutual; keydata= xsBNBFEN49cBCADWl1VZKYO8L+f/65G2nBWzh41VTAZDcJSxMWXrBSvpJzzLt6sJf0L0Rjmy W4VPxJMCm/32auRAp8Xx1iNmBpvYENSM1YJVWfk43tlSOY8CR3TVODMxWPhUu48Pb9OKSntz WHGwdZmOr14zF9vr4PaS9A6+Hyt9FPKuGcQFw7K8jK1Hpp5XgdY/DMHKeaJykJ8JH1HBTFTT OJdxIWu6cZ+spNaNfKdnNjk98hMPw69isVGzcm7b3lJUsjVnMSqnrtZ8CSIv1njyxJH7NB5n LzrE7EiXR37k+4Poc9/DeLSAKrq5N3ZMpX1EDOoXFa8lLVGWHBTwVN/tl7FLM0NmVuL5ABEB AAHNHG1pcmltaXIgPG1pcmltaXJAcmlzZXVwLm5ldD7CwIEEEwECACsCGyMGCwkIBwMCBhUI AgkKCwQWAgMBAh4BAheAAhkBBQJafNQ7BQkNMVdkAAoJEGINZVEXwuQ+5LoIAKyZQDkNqj+Y E26o1bdEQlmOLhhXev45euNCnaFrnbOyKLivHdF4vvXyWBTzJmCsoRxTJ0A3Zmwa3ZihbKaU FCAdRgspLfA+TGICVYOztB+faWV18k5OTCk7ZiBQ/mOMQA4p3RPOV+UCgdelvZRHrFdUgHro dho/FqZhRoPdsPPB08QBisDO7SfFMMe9U9EZ03n4f2TvMgaTjK/kZCopwgLj2nB11SnCYfWJ jxUFDs+VFObf/jSK8T0SX9O6p430NWZm30vutUVac9lfodMjBcJqTnFxmZrwQomlCYGvSqNw 4Xy5+/gBzv/flXHngQSU053smHRtrMlGK5OU1RSixDfOwE0EUQ3j1wEIAMDcexhcaIO5jpl+ SHM14zuBvF2QG61IpH4Lag6nQmSMTljizuJg2kLaLbfc69AxmjuL5obqYi5ywXn4kQKqiwfa OHvVlKn662/J5YgXuc8tRLyqvgb+hibtAnlhWAuusP0eoQQP6SAASRjtrb8RVapTzJXy2Snf PtkcdtkTLLLcyeGoDOkpPkspnnp8avvI9ayzhGFLg9qNWaIuBMudxT6oHK4rZH+Sv6km9viI /ziV6E8Z+PpvMsGdebeYBLQA7ueuTbyOGbDyProwvocrKynI/UM40VYS8bS1PjWtljUlj7Vx 8C/746hnfdge0m24jnaWfu5UDjwpsHzs/JXqklsAEQEAAcLAZQQYAQIADwIbDAUCWnzURgUJ DTFXbwAKCRBiDWVRF8LkPsCjCACNvnnmpcDwEbtXUFZD/+ewNlPfM9o0mIXgi7DIVR9MVCw/ u14+mJUlQny4jPRV+hv/erjbiqEcVPZ296J3I4kUvO4slI+ZyODsRQSzwMz6ihwC6nN1xove YSBzVKKQrV+FDHVk6dJVLtgPdewOR9ZAar7mEbCLTJZ/e5aVb+NrlC1jWx3V3mMGCKOsEHhu 97cu3AswlxhzqPjczTo3rjtcfxdjeGU6mIEEAlhUlVDdfbGLODIyCXrP39zYxYXFFpVcbGAu +cndl1AQkIXUiMoJuzTMU8TQ+zz8yLof9fB7Y8O8VbmZBPQqN2IiHPeGbfqZjk/uHjJQUayI +beL0kxL
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 13 Apr 2019 16:36:20 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1555187767; bh=4wQtcTNL9xRj888o7mEjfCHe3RILd9frIw6azAAcPRM=; h=Subject:To:References:From:Date:In-Reply-To:From; b=JZUe6SnljYgrQyILisyk7VfV6lTbSJjHuUAhWVHzNzAC0IpEcHiORFpTBvkI7/4mI 5Z4DHpejcNvydCTaFiYCoZ/AWhy5GuoaPpBM0p4hMldu3M5PKevPxI+EdJAd2AIuFV pqmUeZNhYWqLW255V6sY2lAYRxh8ekpUCb9NNQic=
In-reply-to: <10e774e0-4f27-3bf5-1164-5b6e8547d277@yandex.ru>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Openpgp: preference=signencrypt
References: <10e774e0-4f27-3bf5-1164-5b6e8547d277@yandex.ru>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On 04/13/2019 01:28 AM, xxx wrote:
> Hello,
> 
> I am running a dedicated box (Centos 7-64) with a few usual domains and
> websites.
> 
> Is it possible to host an .onion website there? If so, how to setup, is
> it safe (so that the .onion site IP won't be disclosed)?
> 
> Thank you!

Read the stuff that Cyaniventer linked, for sure.

But here's the problem. You run some web server, hosting (I gather)
multiple websites. That implies that you understand how to do that.

If you do, you just add another site to the config, which binds only to
127.0.0.1 using a different port (say 8000). Then you setup an onion
service that points to 127.0.0.1:8000. Also, you make sure that none of
your clearnet sites bind to 127.0.0.1 (just in case).

Even so, that's a little fragile. Mistakes happen. And there's the issue
of web server error messages from the onion site going to clearnet.
That's one of the mistakes that got DPR pwned.

The safest bet is running KVM on your server, and using a VM for the
onion site. And if that's too heavy, even Docker would help.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Onion website on "usual" server
  - From: meejah

References:
- [tor-talk] Onion website on "usual" server
  - From: xxx

Prev by Author: Re: [tor-talk] Nice to meet you! / WhatsApp by Tor?
Next by Author: Re: [tor-talk] Is there a way to use internet in a sandbox environment? (Linux)
Previous by thread: Re: [tor-talk] Onion website on "usual" server
Next by thread: Re: [tor-talk] Onion website on "usual" server
Index(es):
- Author
- Thread