Description:
This guide will walk you through the process of setting the server for hosting a static website on the Dark Web. This can be accomplished through the use of Tor Hidden Services. To keep things simple and secure, we’ll use static files.
This article is designed for and tested on a remote Debian-based server. This server should be adequately protected prior to being used in production.
Tor
The packages of Tor in Ubuntu or Debian’s default repositories aren’t always up to date. Tor maintains its own repositor. That repository must be added.
sources.list: Before you can acquire Tor, you must first configure our package repository. First, you must determine the identity of your distribution. lsb release -c or cat /etc/debian version are easy commands to execute. Visit the Debian website if you are unsure regarding your Debian version. Ask Wikipedia about Ubuntu.
For creating a new file you should run the following lines to /etc/apt/sources.list
sudo nano /etc/apt/sources.list
To the end of the file, append the following:
deb https://deb.torproject.org/torproject.org stretch main deb-src https://deb.torproject.org/torproject.org stretch main
Add your gpg key using the commands below at your command prompt. Then your packages are signed.
gpg --keyserver keys.gnupg.net --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89
root@n0d3:~# gpg --keyserver keys.gnupg.net --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 gpg: keybox '/root/.gnupg/pubring.kbx' created gpg: /root/.gnupg/trustdb.gpg: trustdb created gpg: key EE8CBC9E886DDD89: public key "deb.torproject.org archive signing key" imported gpg: Total number processed: 1 gpg: imported: 1
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
Execute the update.
sudo apt-get update
Then install Tor on your server
sudo apt-get install tor deb.torproject.org-keyring
Note: If you run the last command, you may obtain the following: tor : Depends: libevent-2.0-5 (>= 2.0.10-stable), however it is not installable. Then you should fix it manually  : wget
http://ftp.de.debian.org/debian/pool/main/libe/libevent/libevent-2.0-5_2.0.21-stable-3_arm64.deb ; apt install ./libevent-2.0-5_2.0.21-stable-3_arm64.deb ; rm ./libevent-2.0-5_2.0.21-stable-3_arm64.deb
The Hidden Service
To activate our hidden service, we must change the Tor configuration file. To begin, we’ll create a backup copy of this configuration file.
sudo cp /etc/tor/torrc /etc/tor/OLD.torrc
Also you can make changes to your configuration file.
sudo vi /etc/tor/torrc
All Tor customer services, relays, and hidden services are deactivated and commented out by default. Let us begin by activating the hidden service. Locate the area devoted to secret services. It will resemble this.
############### This section is just for location-hidden services ### ## Once you have configured a hidden service, you can look at the ## contents of the file ".../hidden_service/hostname" for the address ## to tell people. ## ## HiddenServicePort x y:z says to redirect requests on port x to the ## address y:z. #HiddenServiceDir /var/lib/tor/hidden_service/ #HiddenServicePort 80 127.0.0.1:80 #HiddenServiceDir /var/lib/tor/other_hidden_service/ #HiddenServicePort 80 127.0.0.1:80 #HiddenServicePort 22 127.0.0.1:22
Then uncommented the following lines:
#HiddenServiceDir /var/lib/tor/hidden_service/ #HiddenServicePort 80 127.0.0.1:80
This is how the hidden services section should appear now.
############### This section is just for location-hidden services ### ## Once you have configured a hidden service, you can look at the ## contents of the file ".../hidden_service/hostname" for the address ## to tell people. ## ## HiddenServicePort x y:z says to redirect requests on port x to the ## address y:z. HiddenServiceDir /var/lib/tor/hidden_service/ HiddenServicePort 80 127.0.0.1:80 #HiddenServiceDir /var/lib/tor/other_hidden_service/ #HiddenServicePort 80 127.0.0.1:80 #HiddenServicePort 22 127.0.0.1:2
Then tor is restarted by:
sudo service tor restart
Also, evaluate the Tor status
sudo systemctl status tor
root@nθd3: # systemctl status tor tor.service - Anonymizing overlay network for TCP (multi-instance-master) Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled) Active: active (exited) since Thu 2020-11-12 13:14:57 UTC; 7s ago Process: 11664 ExecStart=/bin/true (code=exited, status=0/SUCCESS) Main PID: 11664 (code=exited, status=0/SUCCESS) Nov 12 13:14:57 nød3 systemd[1]: Starting Anonymizing overlay network for TCP (multi-instance-master)... Nov 12 13:14:57 nød3 systemd[1]: Started Anonymizing overlay network for TCP (multi-instance-master).
Tor should have generated a couple of files. The first step is to create a hostname file. Open it to obtain your .onion address.
sudo cat /var/lib/tor/hidden_service/hostname
The file I contained includes 6ad4242dqvoc7e7jgh5laivs2fs7l4u2ej2gscaxtc5wbxlskow4vqd.onion. Something similar should be in your file. The other file contains a private and public key pair. Open it up and look inside.
sudo ls -lrt /var/lib/tor/hidden_service/
[root@nθd3:/var/lib/tor/hidden_service# ls -lrt total 16 -rw------- 1 debian-tor debian-tor 96 Nov 12 13:14 hs_ed25519_secret_key -rw------- 1 debian-tor debian-tor 64 Nov 12 13:14 hs_ed25519_public_key -rw------- 1 debian-tor debian-tor 63 Nov 12 13:14 hostname drwx--S--- 2 debian-tor debian-tor 4096 Nov 12 13:14 authorized clients
If it becomes essential in the future, you can transfer your server to a new machine using these two files. Make a copy of these files and keep them safe.
Nginx
For this project, nginx is an excellent web server. So Nginx should be installed as.
sudo apt-get install nginx
Note your server must have a firewall installed. I suggest the Uncomplicated  Firewall (UFW). If you require assistance with UFW, see A Guide to the Simple Firewall (UFW) for Linux. Allow HTTP traffic with the following command.
sudo ufw allow 'Nginx HTTP'
Verify that your server’s IP address is operational by visiting it.
Remove this rule if everything is working properly. After that, restart the firewall.
sudo ufw deny 'Nginx HTTP' sudo ufw reload
nginx.conf
Disable unwanted information sharing by editing the main Nginx configuration file.
sudo vi /etc/nginx/nginx.conf
Add the following to the http block:
server_name_in_redirect off; server_tokens off; port_in_redirect off;
Now restart the Nginx server by following command.
sudo systemctl restart nginx
Web Server Root Directory
Create a directory to store our web server files.
sudo mkdir /var/www/dark_net
Create and edit a file called index.html for your website.
sudo nano /var/www/dark_net/index.html
Add whatever you want within. We don’t require real HTML; instead, we require something unique for the time being.
Welcome to my page
Permissions must be set so the file can be easily accessed by Nginx.
sudo chmod 755 /var/www/dark_net
Remove Nginx Default
Delete the default website.
sudo rm /etc/nginx/sites-enabled/default sudo rm /etc/nginx/sites-available/default
Add Available Site
Creating a new site in the available-sites directory.
sudo nano /etc/nginx/sites-available/dark_net
Within, insert the following for your instance’s root and server name variables.
server {
listen 127.0.0.1:80;
root /var/www/dark_net/;
index index.php index.html;
server_name 6ad4242dqvoc7e7jgh5laivs11s734u2ej2gscaxtc5wbxlskow4vqd.onion;
}
Note: Add your own .onion address in server_name and Safe the file.
Adding the given site to the site_enabled list.
sudo ln -s /etc/nginx/sites-available/dark_net/etc/nginx/sites-enabled/
Then Nginx sever is restarted.
sudo systemctl restart nginx
Tor Browser
Access the Tor Browser (which you can download here) and navigate to your previously generated .onion address. If functioning of the system is proper, then the previously created dummy index.html page will be shown.
Conclusion
Therefore, you now have a website here on Dark Web. Any documents located inside the /var/www/dark web directory would be accessible online. If you are using a static website builder, this is the location where the result will be saved.
