this post was submitted on 05 Aug 2024
24 points (92.9% liked)

Tor - The Onion Router

1439 readers
1 users here now

Tips, tricks and information about the Tor network!

Tor Project

founded 4 years ago
MODERATORS
imattau@lemmy.ml
24
Why are onion services not widely used? (lemmy.dbzer0.com)
submitted 1 month ago by fran@lemmy.dbzer0.com to c/tor@lemmy.ml
27 comments fedilink hide all child comments
 

It amazes me that onion sites aren't everywhere. They are easy to spin up, you don't have to pay anything and can run it from your own home. No need to purchase a domain, worry about expiration, have an open port. Built-in DoS protection. Anonymity and authentication by default. No need to configure HTTPS. Sure, uptime is on you and there is some latency/bandwidth limits to be considered, but once you are over that, onions are a solution to many problems and the benefits are enormous.

you are viewing a single comment's thread
view the rest of the comments
[–] Mastema@infosec.pub 8 points 1 month ago (3 children)

As someone who just stumbled on here from ALL, I'm vaguely familiar with Onion sites and TOR more generally, but what resources would you recommend to learn more about setting one up for myself to play around with?

[–] fran@lemmy.dbzer0.com 3 points 1 month ago* (last edited 1 month ago)

It's easy. Just edit your Tor configuration file (torrc) to enable an onion service. This one forwards from the onion service on port 80 (so users don't have to specify a port number in the URL) to a local HTTP server running on your machine on port 8000:

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:8000

Change the directory path based on your operating system. Specify a directory that doesn't exist yet so Tor can set the correct permissions on it. Next, start or restart Tor. Then just read the onion service's hostname in the hostname file created in that hidden services directory.

You can then run any HTTP server on localhost:8000 and anyone connecting to your onion service can access it. In Python this might be as simple as python3 -m http.server --bind localhost 8000 --directory . to share the files current directory (but be aware that there are some security considerations, like symbolic links, to be aware of. Just use this for testing.) For production servers you will want a "real" http server.

[–] 0x0@programming.dev 2 points 1 month ago

Probably the tor project.