Open in app

Sign in

Write

Sign in

How to create your own Tor hidden service 

on Debian/Ubuntu with nginx

Andrew Phillips
2 min readJan 14, 2014

One of the features of Tor is the ability to create hidden services. A hidden service is basically a server running solely on the Tor network — meaning it never exists on the ‘public’ internet — you can only connect to a hidden service using the Tor network. All Tor hidden services have the pseudo TLD .onion.

A hidden service then, does not have an ‘exit node’ (a computer whose IP Address would be listed in the server log files). Any log files on the hidden service would just reveal connection from itself, the localhost.

This is how to create a Tor hidden service using Debian and nginx.

I’m using Debian 7.3 Wheezy for the setup below.

Step 1.

Add the nginx and tor repositories to your apt sources list.

Open up the file /etc/apt/sources.list and append the following lines:

deb http://nginx.org/packages/debian/ wheezy nginxdeb-src http://nginx.org/packages/debian/ wheezy nginxdeb http://deb.torproject.org/torproject.org wheezy main

Step 2.

Import the gpg signing keys by running the following commands:

gpg —keyserver keys.gnupg.net —recv 886DDD89gpg —export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -wget http://nginx.org/keys/nginx_signing.key
apt-key add nginx_signing.key

Step 3.

Update sources and install nginx and Tor

apt-get updateapt-get install nginx tor

Step 4.

Configure nginx

Open the file /etc/nginx/conf.d/default.conf and replace with the following:

server {
    listen 127.0.0.1:8080;
    root /var/www/;
    client_max_body_size 99M;
    charset utf-8;
    index index.html;
}

Create the folder /var/www/. This will be your web root.

mkdir /var/wwwtouch /var/www/index.html && “<h1>Hello Hidden World</h1>” > /var/www/index.html

Step 5.

Configure Tor

Open the file /etc/tor/torrc and add the following lines:

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:8080

Create the HiddenServiceDirectory and give it permissions:

mkdir /var/lib/tor/hidden_service/ chown debian-tor:debian-tor /var/lib/tor/hidden_service/ chmod 0700 /var/lib/tor/hidden_service/

Step 6.

Restart Tor and nginx.

/etc/init.d/nginx restart/etc/init.d/tor restart

Step 7.

Fetch your new hostname and connect to your website.

In the file /var/lib/tor/hidden_service/hostname you will find your new .onion URL

Connect to the Tor network and access your new hidden service!

--

--

Andrew Phillips

Written by Andrew Phillips

17 Followers

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams