Lenvin Gonsalves

Posted on Jul 10, 2020 • Updated on Dec 10, 2020 • Originally published at lenvingonsalves.me

How to host a website on the Dark web

#security #linux #webdev #tutorial

There is a lot of misconception around the dark web, and most of the people think that it is not possible to create their website on Dark web (The Onion network). Today we will set up a website in the Onion/Tor network for free (With our own home server).

As you can see above, I have created my website in the Tor network, and I've accessed it using the Tor Browser.

This tutorial consists of three steps

Preparing your computer (Not a real step)
Installing & Configuring nginx
Installing Tor
Configuring the Tor server

Ingredients

An old computer (You can try on AWS EC2, but I've not tried it there) 💻
A stable internet connection 🌐
2 hours ⌚
Comfort using terminal ⌨

Instructions

To begin with, find a spare computer that can be used as a server (If you don't have one, you can try following the tutorial on an AWS EC2 or similar service). Also, you do not need a static IP for your dark web website.

To follow the tutorial, You will need to install a Linux based OS on the server (we will refer your spare computer/cloud computer as a server from now), I have tested the below steps on Ubuntu 18.04 Server LTS and I recommend that you also use the same. Ubuntu 20.04 doesn't seem to work well with Tor.

It is also recommended to use SSH to connect to your server since there will be no GUI, you will not be able to open this article on the server and copy-paste the commands. Typing the commands out will be time taking & also very error-prone.

In this article, I will not explain how to use & configure SSH but you can refer the below link to understand & use SSH.

How To Use SSH To Connect To A Remote Server In Linux Or Windows

Important: Make sure you are running as root throughout the tutorial.

sudo su

Let's get our hands dark 😎

Installing & Configuring nginx

The role of nginx is to serve the HTML files and assets (act as a web server).

apt update
apt install nginx

The above commands will update the server & install nginx. To start the nginx server

service nginx start

To check the status of the nginx server

service nginx status

To confirm if the nginx server is working. We will make a GET request to the server using curl. Before that, you'll need to know what is your IP address.

ifconfig

The output will be similar to this

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 134  bytes 21230 (21.2 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 134  bytes 21230 (21.2 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlp9s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet your-ip-address  netmask 255.255.255.0  broadcast ###.###.#.###
        inet6 ####::####:####:####:####  prefixlen 64  scopeid 0x20<link>
        ether ##:##:##:##:##:##  txqueuelen 1000  (Ethernet)
        RX packets 6379  bytes 8574482 (8.5 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3518  bytes 506008 (506.0 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Find your IP address in inet your-IP-address. Note it down, using that now make a curl request.

curl your-IP-address:80

The console should print out the HTML code of the default nginx page. You can also check if nginx is working by typing the IP address of the server in your browser.

To add your custom page, follow the steps from their official documentation. Beginner's guide - nginx

Installing Tor

Installing Tor (not just the browser) allows your computer to communicate with the Tor network. Before installing Tor, we will have to install apt-transport-https, so that we can use source lines with https://

apt install apt-transport-https

Important: The below commands are for Ubuntu 18.04 only
If you are running other OS, please find the commands here, from Tor's official, site. We will now open the sources file to add the Tor sources.

touch /etc/apt/sources.list.d/
nano /etc/apt/sources.list.d/

Once the editor is open, add the following sources to the file

deb https://deb.torproject.org/torproject.org bionic main
deb-src https://deb.torproject.org/torproject.org bionic main

After exit & saving, type the following in the terminal. This is to add the gpg key used to sign the Tor packages.

curl https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --import
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -

Finally, now we install Tor and also a package which will help to keep the signing key current.

apt update
apt install tor deb.torproject.org-keyring

Similar to nginx, Tor can be started & checked by the following commands

service nginx start
service nginx status

Setting up the tor server

Now that we have nginx & Tor up and running, we will have to configure Tor so that our server acts as a Tor server (Your server will not be used as a relay node)

For this, we will have to edit the torrc file. The torrc is the configuration file for your Tor, the power of the file is such that, you can alter Tor to act as a proxy server & contribute to the Tor network (Not in this tutorial). In this tutorial, the torrc will be configured to act as a tor webserver (onion service).

nano /etc/tor/torrc

In the torrc file, Go to the middle section and look for the line

############### This section is just for location-hidden services ###

And uncomment the following lines.

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:80

In these lines,

HiddenServiceDir will tell Tor where to save the private_key & hostname of your Tor website (They are information about your dark website). The private key stored is very important & could be used to impersonate you. In case you change your server, you just need to copy-paste your private key into the new server.
HiddenServicePort lets you specify a virtual port (that is, what port people accessing the website will think they're using) and an IP address and port for redirecting connections to this virtual port.

To apply this new configuration, Stop the Tor service and start it again by typing the following commands.

service tor stop
service tor start

Now check the status of the tor service to see if the changes are working & valid.

service tor status

If things are looking good, proceed to the next step, otherwise, you might have made a mistake in editing the .torrc file.

At this point, your dark website must be running. But we don't know what is the URL, to get it, run the following command

cat /var/lib/tor/hidden_service/hostname

The URL to your all-new dark website will be printed in the console. To test if it's working

curl -v --socks5-hostname localhost:9050 http://your-onion-domain.onion

The URL is actually your-public-RSA-key.onion. Tor has a different way of identifying websites, i.e. via their public RSA key.

You might notice that the URL generated, is very long and you might be wondering how to create custom hostname (i.e. Custom RSA public key). I will be creating an article on this topic very soon.

Now let's celebrate on your first dark website 🎉. Also please share your thoughts in the comments 😁 (For example, you can ask me to add instructions on "how to add your custom page in nginx")