How to Host a Site on the Dark Web

In this tutorial we will be setting up a server that will host a static site on the Dark Web. We will be using Tor Hidden services for this. We will be using static files for simplicity and security.

This tutorial is intended for and tested on a remote server running Ubuntu 16.04. This server should be properly secured for production use. If you need assistance setting up a server, please read my tutorial Setting Up a Basic Server with Ubuntu 16.04This tutorial also will assume that you have a basic familiarity with the Dark Web and you already have the Tor Browser.

Tor

The Tor packages found in the default repositories for Ubuntu are not reliably updated. The Tor project maintains their own repository. We must add that repository.

Open up your sources.list file.

sudo nano /etc/apt/sources.list

Add the following to the end of the file

deb http://deb.torproject.org/torproject.org xenial maindeb-src http://deb.torproject.org/torproject.org xenial main

Now add the gpg key.

gpg --keyserver keys.gnupg.net --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -

Run the update.

sudo apt-get update

Then install Tor

sudo apt-get install tor deb.torproject.org-keyring

The Hidden Service

We need to edit the Tor configuration file to enable our hidden service. First we will make a backup of this configuration file.

sudo cp /etc/tor/torrc /etc/tor/OLD.torrc

Then edit the configuration file.

sudo nano /etc/tor/torrc

By default all Tor client services, relays, and hidden services are commented out and disabled. Let’s active the hidden service. Find the section for hidden services. It will look something like this.

############### This section is just for location-hidden services ###
## Once you have configured a hidden service, you can look at the## contents of the file ".../hidden_service/hostname" for the address## to tell people.## ## HiddenServicePort x y:z says to redirect requests on port x to the## address y:z.
#HiddenServiceDir /var/lib/tor/hidden_service/#HiddenServicePort 80 127.0.0.1:80
#HiddenServiceDir /var/lib/tor/other_hidden_service/#HiddenServicePort 80 127.0.0.1:80#HiddenServicePort 22 127.0.0.1:22

Uncomment the following lines.

#HiddenServiceDir /var/lib/tor/hidden_service/#HiddenServicePort 80 127.0.0.1:80

The hidden services section should now look like this.

############### This section is just for location-hidden services ###
## Once you have configured a hidden service, you can look at the## contents of the file ".../hidden_service/hostname" for the address## to tell people.#### HiddenServicePort x y:z says to redirect requests on port x to the## address y:z.
HiddenServiceDir /var/lib/tor/hidden_service/HiddenServicePort 80 127.0.0.1:80
#HiddenServiceDir /var/lib/tor/other_hidden_service/#HiddenServicePort 80 127.0.0.1:80#HiddenServicePort 22 127.0.0.1:2

Restart Tor

sudo service tor restart

Couple of files should have generated by Tor. First is a hostname file. Open it up to get your .onion address.

sudo nano /var/lib/tor/hidden_service/hostname

My file contained 2rjp7e2cn4ppizgn.onion. Your file should contain something similar. The other file is a private key. Open it up and take a look.

sudo nano /var/lib/tor/hidden_service/private_key

It should look similar to this.

-----BEGIN RSA PRIVATE KEY-----MIICXgIBAAKBgQCnNsOc9iODyPGeLFvkTcgENzZ/c1aKAwslQ/WwLjd9rRh4rfK74887uS+Thb3ggnVDc+GKHwkBlJY5Zvo95atYIHigGHR1QCbZ1GCBt4YebLcCBrNG1zsDoDEbxu4MqVB+0dntEJ2CDciHz6lnSvz9VJoWA8m5PNlC4ITZ+v1prQIDAQABAoGBAKCCPCFmUE8HS492qzqqwy3wxfpvf4l5RHCgHK3in1efGZd1+kQLeHiu2ZF1Vv+0mtWF3eDUy7g0oDluck1337Haxor1FcoKGEgpCXtVnOuEnEJEn/K+dFsxFYBdAUuZ61yOC7cWySAJA1pi5CtJQm1aH10IxyNYg9kjOPbEiIjBAkEA3UtXwwTxHWLZhvcBLzM3uQ31CK93HKar40DyYmlOHZfHPhzgwjr3gwbAjqKnx0AXcnBuhy1gwwW8U4V6yDSNyrqfiYcMPCYVEKZV/ebmBLW0BWOw+kimukGhGQ==-----END RSA PRIVATE KEY-----

With these files two files you can move your server to a new machine if eventually necessary. Copy these file and keep them secure.

Nginx

Nginx is a good web server for this project. Install Nginx.

sudo apt-get install nginx

Your server should be running a firewall. I recommend the Uncomplicated Firewall (UFW). If you need help with UFW, check out, A Guide to the Uncomplicated Firewall (UFW) for Linux. The following command will allow HTTP traffic.

sudo ufw allow 'Nginx HTTP'

Visit your server’s IP address to verify that the web server is operational.

If things are working correctly, remove this rule. Then reload the firewall.

sudo ufw deny 'Nginx HTTP'sudo ufw reload

nginx.conf

Edit the main Nginx configuration file to disable undesirable information sharing.

sudo nano /etc/nginx/nginx.conf

Inside the http block add the following

server_name_in_redirect off;
server_tokens off;
port_in_redirect off;

Then restart the Nginx server.

sudo systemctl restart nginx

Web Server Root Directory

Make a directory to hold our files for the web server.

sudo mkdir /var/www/dark_web

Make and edit an index.html file for your site.

sudo nano /var/www/dark_web/index.html

Inside just put anything. We don’t need actual html, just something kinda unique for right now.

Welcome to my dark web page

Set the permissions so that Nginx can access the files.

sudo chmod 755 /var/www/dark_web

Remove Nginx Default

Remove the default site.

sudo rm /etc/nginx/sites-enabled/defaultsudo rm /etc/nginx/sites-available/default

Add Available Site

Make a new site in the sites-available directory.

sudo nano /etc/nginx/sites-available/dark_web

Inside add the following replacing the root and server_name values for your instance.

server {	
	listen 127.0.0.1:80;	
	root /var/www/dark_web/;	
	index index.html;	
	server_name 2rjp7e2cn4ppizgn.onion;
}

Add this site the the site_enabled.

sudo ln -s /etc/nginx/sites-available/dark_web /etc/nginx/sites-enabled/

Then restart the Nginx server.

sudo systemctl restart nginx

Tor Browser

Open up your Tor Browser and visit your .onion address that was generated earlier. If the system is properly operational then you will see the dummy index.html page that we made previously.

Conclusion

So now you have a site on the Dark Web. Any files in the /var/www/dark_webwill be available online. If you use a static site generator this would be the folder to output to.


Corrections and suggestions for this page can be made on Github.