How to run hidden onion server? Step-by-step guide.

3 years ago
1) Buy any cheap VPS.
You can find good deals on and also check out with examples of some common VPS installations, such as web-server.

2) Install nginx, mysql, php or anything your website needs to run.

3) Configure your web-server to listen ONLY to




server.port = 4986
server.bind = ""



Now restart your webserver.

4) Install Tor.


apt-get install tor as root


sudo yum install tor

or you can find instructions here (not only for Debian)

5) Configure Tor:


HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80

Now restart Tor:

/etc/init.d/tor restart

And your tor hidden service is now up and running.
It's *.onion address is written to this file:


Type it in your browser & go check out!

!!! Take care:

1) Since your website is running on VPS, admins of host system could probably have access to all of your files & data. By simply reading that data they can easily match you and your hidden service. Using truecrypt or EncFS greatly reduce this possibility, but it is still possible to read passphrase or unencrypted data from VPS's memory image.

A good choice is to buy physical server & use encryption on it.
Even better choice - stay yourself anonymous to your VPS provider.
Google "bitcoin vps", or use some gift-card, anonymous coupon, ask for test period or whatever. Then, never show your real IP to hoster (create account, pay and later connect to your VPS only via Tor), use only secure protocols for that (https, ssh) and always verify signatures to avoid mitm attack of Tor exit node, that are popular.

2) Beware of web-based attacks. This is true for any website, not only hidden-one, but I'll repeat here once again: never trust user's data.

3) Limit access to your VPS from outside Tor. Configure iptables, or at least make sure you don't have Memcached listening to the whole world.

3 years ago
Thanks for this tutorial. I followed one just like this earlier, and it worked out great, except that I could not find out how to launch the browser.

3 years ago
Browser? This tutorial is about server-side hosting, there is no such thing as browser there. Browser is for other people to access your server from their computers, it should not be installed on server.

To access your hidden service you should do whatever you usually do to access other .onion sites, for example install Tor Browser Bundle.

3 years ago
Sorry to dig up a (relevantly) old post but I cannot stop my hidden service from being displayed in clearnet.

When I go to the onion site - the webpage loads
When I access (from another PC on this LAN) I can access the website.

I would have thought localhost is only for that PC and not from another within the same LAN, although i'm not fluent in this area...

I have added to torrc:

HiddenServiceDir /home/pi/tor/hidden_service/
HiddenServicePort 80

and also added to /etc/nginx/sites-available/default:

server {
listen 8008; ## listen for ipv4; this line is default and implied

And also restarted both, still can access it. Any advice for a noob?

3 years ago
In nginx.conf

listen 8008;

shoud change to


or, if you run Tor and nginx on different servers, put there IP of Tor box.

3 years ago
Thanks for this - your assistance worked.


You are not logged in. Login or register to reply on this thread.