HOW TO SET UP TOR HIDDEN SERVICE
(or how to make your own .onion web page)
A full solution walkthrough for linux + apache2 + modperl https://infotomb.com/fsqom
Setting up a hidden service on tor requires two pieces of software: the tor software itself, which is available for Windows, Linux and OSX, and a server software. This guide explains how to set up the tor software. The idea is that tor acts as a gateway between the tor network and your local ports. Tor doesn't know what data it provides; it just forwards packets, which wait to be picked up by a server software. The guide only covers the steps on *nix based operating systems, but an adaptation to Windows should not be too hard.
After installing the tor package and verifying that tor indeed works, you need to acquire root rights. You will need them until the server is installed and you know your onion url. After having done so, open the /etc/tor/torrc file with your favourite text editor.
Windows users using the Tor bundle: ..\Tor Browser\Data\Tor\torrc
We are interested in two lines, beginning with #HiddenServiceDir and #HiddenServicePort. They would look like this in the standard installation:
#HiddenServiceDir /var/lib/tor/hidden_service/
#HiddenServicePort 80 127.0.0.1:80
Together they are enough to implement a hidden service on your machine. In the standard installation they are commented out, so we remove the hashes first. HiddenServiceDir specifies the directory in which the files required by the hidden service are stored. As you can see, the default one lies under /var/lib and cannot be read by a standard user. Whether it is advisable to change it depends on your setup and is open for debate. In this directory, the hidden service will store two files: a private_key file and a hostname file containing your onion url. The private_key file is what ties the onion url to your machine, so it must stay unreadable to other users. This directory will come in handy later and I'll use it as the example directory for this demonstration.
The other line, HiddenServicePort, looks a bit more complicated. It is concerned with the network aspects of the hidden service. It forwards the first parameter, the port, to the next parameter, an address with a port. To get a clearer picture of what happens, we will modify that line to produce a more custom configuration.
HiddenServicePort 3301 127.0.0.1:1337
The ports are set to easily distinguishable values here in order to illustrate the general idea for a newcomer. In this particular case, we have two pieces of information: 3301 and 127.0.0.1:1337. Using this configuration, our onion url can be reached on port 3301. Whatever tor gets on this port, it will forward to the localhost on port 1337. However, this only works if there is something listening on port 1337 on 127.0.0.1. Tor does not care whether there is a program waiting for data; it only acts as a neutral gateway. Therefore, a connection will fail if there is no server waiting, even if the tor gateway was configured correctly.
With all this being said, let's test it out. The configuration used for this demonstration looks like this now:
HiddenServiceDir /var/lib/tor/hidden_service/ # we left this one untouched
HiddenServicePort 3301 127.0.0.1:1337 # our custom setup
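One way to check which hidden-service mappings a torrc actually enables before restarting tor, as an added example that is not part of the original tutorial. The function names and the temporary sample file are assumptions of this example; the sample torrc is constructed from the lines shown above.

```shell
#!/bin/sh
# Added example: list the hidden-service port mappings a torrc actually enables.

# hs_mappings FILE
# Prints one line per active mapping:
#   "<HiddenServiceDir> <onion port> <local target>"
hs_mappings() {
    awk '
        { sub(/#.*/, "") }   # strip comments, so still-commented defaults vanish
        tolower($1) == "hiddenservicedir"  { dir = $2; next }
        tolower($1) == "hiddenserviceport" {
            target = $3
            # Target omitted: tor maps to the same port on 127.0.0.1.
            if (target == "") target = "127.0.0.1:" $2
            # Bare port as target: tor uses 127.0.0.1 as the address.
            if (target ~ /^[0-9]+$/) target = "127.0.0.1:" target
            d = (dir == "") ? "-" : dir
            print d, $2, target
        }
    ' "$1"
}

# hs_non_local FILE
# Prints only the mappings whose target is not on this machine; for those,
# the traffic between tor and the server leaves the host.
hs_non_local() {
    hs_mappings "$1" | awk '$3 !~ /^(127\.|localhost:|\[::1\]:|unix:)/'
}

# Constructed sample: the default commented lines plus the tutorial's setup.
SAMPLE_TORRC=$(mktemp)
cat > "$SAMPLE_TORRC" <<'EOF'
#HiddenServiceDir /var/lib/tor/hidden_service/
#HiddenServicePort 80 127.0.0.1:80
HiddenServiceDir /var/lib/tor/hidden_service/ # we left this one untouched
HiddenServicePort 3301 127.0.0.1:1337 # our custom setup
EOF

hs_mappings "$SAMPLE_TORRC"
hs_non_local "$SAMPLE_TORRC"
```

If the first function prints nothing, the lines are still commented out and tor will not create a hidden service.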
The configuration is applied when the tor service is restarted.
root@terminal:~# service tor restart
 * Stopping tor daemon... [ OK ]
 * Starting tor daemon... [ OK ]
If everything goes well, you should not see an error message and your hidden service is configured. Now you need to recover your hostname while we're root. Change to the HiddenServiceDir directory and look at the contents of the hostname file.
root@terminal:~# cat /var/lib/tor/hidden_service/hostname
6dq7xsfmdpqmksyw.onion # we will use this example for this demonstration
Without going into much detail about a server configuration, we will make a simple test to see if the server is responsive. We will use the nc program, a minimal tcp server that comes with Ubuntu. It requires the -x parameter. Apparently some versions don't have that option. For those who don't have the package with that option, there are other ways to verify the connection. Leave a comment if you need help with this. Also, note that it may take a minute or two until your server can be reached through tor.
First, open two shell windows, which do not have root rights. In the first window, enter this command:
nc -l 127.0.0.1 1337
This calls the nc program and instructs it to listen on our local port 1337. You will recognise it as the target from the HiddenServicePort line, written slightly differently (nc's syntax takes the address and the port without the colon). We now have something waiting on our end of the tor gateway, something that picks up the data. In the second window, enter this command:
echo "Hello World" | nc -x localhost:9050 6dq7xsfmdpqmksyw.onion 3301
This call is divided into two commands. The first part simply prints the famous greeting, which is piped to the second command as input. The nc program is instructed to establish a connection to 6dq7xsfmdpqmksyw.onion on port 3301, but since we're dealing with onion routing, we need to send all of this through the tor socket (localhost:9050 here). This is done by giving it the -x parameter. After executing this, switch to the first window and see the output.
user@terminal:~$ nc -kl 127.0.0.1 1337
Hello World
If the string you passed to nc in the second window shows up in the first window, you have successfully transmitted information through the tor gateway. Congrats!
Now you need to set up the server software you want or need. However, keep in mind that it needs to listen on port 1337.
Links with more tutorials:
If anyone likes to write something about setting up Apache or another server software, feel free to do so.
for linux+apache2+perl cgi: https://infotomb.com/fsqom
More TOR tutorials:
[01:56] <strange_tcyborg1> i recommend uniserver http://www.uniformserver.com/
[01:59] <strange_tcyborg1> there's a wiki for uniserver, try it
[02:03] <strange_tcyborg1> oh, just install uniserver, run apache from a nice windows application with a big friendly name like "start_as_program", go to localhost/ in your browser, see if apache works
[02:04] <strange_tcyborg1> then you edit the %something%/www/index page so that it shows what you want it to show, using a notepad or something
[02:05] <strange_tcyborg1> *%something%/uniserver/www/index
[02:06] <strange_tcyborg1> then you mess for several hours to try to get the cgi-script working :-/ bugger CGI!
[02:07] <strange_tcyborg1> and then eventually you configure a tor hidden service, which is quite easy, and access it and test your cgi script, and before you know it -- voila, hidden service and cgi)
Or, as eonn said:
[18:36] <eonn> just take a free amazon server
[02:23] <eonn> if you still try to get apache working.. just Google xampp
[02:24] <eonn> download and install and there you go
You should find what you need for CGI in PHP here:
[20:52] <cheetahburn> i am done
[20:52] <cheetahburn> http://kholyg7cewyywujo.onion/cicada.tgz
[20:52] <cheetahburn> there one could download my full package
[20:52] <cheetahburn> it includes a readme to use it properly
[20:52] <cheetahburn> at least i hope
TUTORIAL FOR WINDOWS USERS USING UniServer Zero IX and PHP script
Cheetahburn PHP script:
Please post any good tutorials about setting up a Tor hidden service with apache or any other way here!
Many people might try it and we will probably have a flood of questions regarding this in chat.