Tor + Proxy Server

In this arrangement, your traffic passes through Tor to a proxy server, and then from the proxy server to your destination website.

  1. Evaluate Topologies Tor + proxy server is an unusual topology. You should evaluate whether it really is the best topology for your threat model. Some possible alternatives you might consider include: VPN alone Proxy alone Tor alone VPN + Tor Tor + VPN Proxy + Tor If you decide that Tor + proxy server really is the best topology for you, you should further evaluate whether you want to use a free proxy server or a paid proxy server.
Read more →

How Websites Know Where You Are

There are multiple ways in which advertisers can figure out your location: IP address geolocation Global positioning system Nearby WiFi SSIDs and strengths Nearby cell phone towers Software region settings Device fingerprinting To block websites from knowing where you are, you must adopt as many of the following measures as possible: Use Tor or a VPN to mask your IP address Do not use a mobile device Turn off wireless networking Use an unaltered VM or Tails Leave your browser window at its default size Turn off JavaScript in your browser If you are unable or unwilling adopt all of the above measures, you must make an effort to understand the ways in which you are leaving yourself open to location detection.
Read more →

Security Tips for Tor Users

Here are twenty tips to increase your security while using Tor Browser: Do not use a closed-source operating system. Keep your operating system and Tor Browser up to date. Encrypt your hard drive. Do not use your clearnet identity or accounts in Tor Browser. Do not install extra plugins. Avoid downloading programs from websites. Set the security level to maximum if at all possible (no JavaScript allowed). Use DuckDuckGo as your search engine.
Read more →

Penetrate a Censorship Firewall

This post is a quick introduction to possible techniques to bypass censorship by penetrating the censors’ firewall. The censorship algorithms vary from firewall to firewall. Therefore this post can only state general possibilities. It does not dive into what may or may nor work in any particular country. Also, I am not a lawyer, so I cannot discuss what may or may not be legal in your country. Many modern censorship circumvention techniques were developed in China to bypass the GFW.
Read more →

Torrc Examples

Here are some sample Tor configuration files, also known as your torrc file. The torrc is stored in different places: On Linux, the file is generally at /etc/tor/torrc On Windows, the Tor Browser bundle by default puts the file at C:\Users<your-name>\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor\torrc The Windows expert bundle by default uses C:\Users<your-name>\AppData\Roaming\tor\torrc, although you can change this with the -f option to something more accessible, e.g. C:\Tor\torrc. On macOS, look in ~/Library/Application Support/TorBrowser-Data/Tor/torrc.
Read more →

Example of Tor+Nginx Onion Website Configuration Files

Here are some sample configuration files. This post applies if you have your own server with Nginx and Tor installed.

  1. Nginx 1.1. Main configuration file Nginx main configuration file /etc/nginx/nginx.conf. In this example, we have hardened the default configuration by adding headers and specifying buffer size limits: cat /etc/nginx/nginx.conf user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; } http { sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; server_tokens off; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block" always; client_body_buffer_size 1k; client_header_buffer_size 1k; client_max_body_size 1k; large_client_header_buffers 2 1k; include /etc/nginx/mime.
Read more →

How to Use Mkp224o

Here is how to use the mkp224o utility to generate a vanity URL based on your specified filter. Step 1 — Prepare Server These instructions are for a Linux server running a recent version of Debian or Ubuntu. Get your server package lists up to date: sudo apt update Upgrade to the latest version of all your existing packages: sudo apt upgrade Install the prerequisites for compiling mkp224o from source:
Read more →