Hidden services and Lighttpd

Hello,

Newbie here.
In the Whonix Gateway I modified my torrc file and added these 4 lines:

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 192.168.0.11:8070

HiddenServiceDir /var/lib/tor/hidden_service_green/
HiddenServicePort 80 192.168.0.11:8038

I successfully got the hostname and private_key for both.

In the Workstation I installed lighttpd.

My question is where are the index files: On gateway or workstation and the directories to them?

Thank you

Index files are to be found on the workstation, because the server software gets installed there. That depends on the server software.

In case of lighttpd it’s:
/var/www/index.html

And can be changed by editing lighttpd’s config files (/etc/lighttpd/).

Hi Thanks, that worked for me when I had one hidden service. But with two, it doesn’t seem to find /var/www/index … and where would the index file go for the second hidden service ?

Have you got the standard 1 server-only .onion hidden service solution with Whonix already working? That’s something you should do before proceeding.

Two servers depends on configuration of the server software (lighttpd here). You reached server admin questions at this point.

/var/www is the document root, that is configured in /etc/lighttpd/lighttpd.conf.

To go any further, I advice to get the Whonix specific part out of your question.

xxx.onion port 80 will be forwarded to 192.168.0.11:8070

yyy.onion port 80 will be forwarded to 192.168.0.11:8038

Now, you can simulate someone accessing the server.

• When you open iceweasel* in the workstation and open 127.0.0.1:8070 or 192.168.0.11:8070, you should get the same result as someone visiting xxx.onion.
• When you open iceweasel* in the workstation and open 127.0.0.1:8038 or 192.168.0.11:8038, you should get the same result as someone visiting yyy.onion.

That’s the only Whonix specific part.

The question you should be asking - because then you can get much better support from general linux channels, lighttpd channels, server admin channels, stackexchange webmasters, etc. - is “How do I configure lighttpd to use document root /var/www for 127.0.0.1:8070, and to show a different document root for /var/something for 127.0.0.1:8038?” Nothing Whonix specific, much more options to find documentation and help.

I don’t know if lighttpd can do this. Probably yes.

Alternatively you could also start two instances of lighttpd. One would be automatically started by debian’s /etc/init.d/lighttpd mechanism, and you could manually start another instance on another part. How to do that is a general, non-Whonix specific Linux sysadmin question.

As another alternative:

• Because Tor Browser does not longer support local connections, which is a separate issue:
  Template:Tor Browser Local Connections - Whonix

Thank you,

Yes I did get whonix and lighttpd working fine with one hidden service. So as I understand you, I should look for answers in lighttpd forums etc. But thanks very much for some good starting points and areas to investigate.