tor hidden service access to the forum?

Discussion in 'Technical' started by yonder, Oct 6, 2006.

  1. yonder

    yonder No Despot's Servant

    I've been using tor pretty heavily lately and while it is a great way to surf the web, the performance is very inconsistant as exit nodes come and go.

    So a question/suggestion for melbo and the admin team: would you consider possibly running a tor hidden service so that the Survival Monkey forum is always available from inside of the .onion network? This way, tor users would not be dependent on the performance or availability of exit nodes, but rather on the availability of the much better middleman nodes (middleman nodes are a lot safer to run so more people tend to be willing to run them).
  2. melbo

    melbo Hunter Gatherer Administrator Founding Member

    I looked into that a few months ago.

    As I could see it, I'd then need to create the hidden service on a PC of mine, rather than the typical DNS system of my Site server.

    If that is the case, I'd then need to also house an SQL db on the same PC for the forum software to access. So, It would be an entirely seperate forum with no syncing of the 2 databases.

    I was going to play around with it using a free copy of phpBB, which the monkey used to use.

    If it could be done via my server, I'd be game but I don't think you can get around the DNS to get into my server.
  3. yonder

    yonder No Despot's Servant

    Do you have root access to the box the forum is running on, or is it a shared host?

    If you have root access, it's nowhere near as complex as all that.
  4. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Shared host.
    I can get in before public_html but it's still a survivalmonkey directory access via cpanel.
  5. yonder

    yonder No Despot's Servant

    Ah ok gotcha.

    It would be waaay too much of a pain for you to do then. Thanks anyway!
  6. melbo

    melbo Hunter Gatherer Administrator Founding Member

    But one could set up a simple site on a PC as a hidden server... correct?
  7. melbo

    melbo Hunter Gatherer Administrator Founding Member
    Now that you have hidden services working on Tor, you need to set up your web server locally. Setting up a web server is tricky, so we're just going to go over a few basics here. If you get stuck or want to do more, find a friend who can help you. We recommend you install a new separate web server for your hidden service, since even if you already have one installed, you may be using it (or want to use it later) for an actual website.
    If you're on Unix or OS X and you're comfortable with the command-line, by far the best way to go is to install thttpd. Just grab the latest tarball, untar it (it will create its own directory), and run ./configure && make. Then mkdir hidserv, cd hidserv, and run "../thttpd -p 5222 -h localhost". It will give you back your prompt, and now you're running a webserver on port 5222. You can put files to serve in the hidserv directory.
    If you're on Windows, ...what should we suggest here? Is there a good simple free software (not just "freeware") web server for Windows? Please let me know what we should say here. In the meantime, check out apache, and be sure to configure it to bind only to localhost. You should also figure out what port you're listening on, because you'll use it below.
    (The reason we bind the web server only to localhost is to make sure it isn't publically accessible. If people could get to it directly, they could confirm that your computer is the one offering the hidden service.)
    Once you've got your web server set up, make sure it works: open your browser and go to http://localhost:5222/. Then try putting a file in the main html directory, and make sure it shows up when you access the site.
  8. yonder

    yonder No Despot's Servant

    Now imagine this...

    Run a hidden service to a local apache server, but use mod_proxy to reverse-proxy all connections to your .onion to instead hit
  9. ghrit

    ghrit Bad company Administrator Founding Member

    Good grief. Is that all Engilsh? You guys are so far ahead of us hunt and packers it is a new universe.
  10. melbo

    melbo Hunter Gatherer Administrator Founding Member

    still playing with this idea
survivalmonkey SSL seal warrant canary