In this comprehensive guide, we will walk you through the process of setting up a secure website using Nginx, installing and configuring Tor for enhanced anonymity, and even creating a vanity onion address for your site. This step-by-step tutorial provides in-depth knowledge, ensuring you not only set up a secure website but also understand the underlying concepts.

Part 1: Setting Up the Website (Nginx)

1. Installing Nginx

Nginx is a powerful web server that's known for its efficiency and scalability. To get started, we need to install Nginx on our server. Run the following command to install Nginx:

apt install nginx

Nginx, pronounced as engine-x, is a popular choice for web hosting due to its ability to handle high traffic loads efficiently.

2. Copying Website Files

Now, let's copy your website files to the Nginx web root directory. The default Nginx web root is typically located at /var/www/:

cp -r ~/amrSecWebsite /var/www/

By placing your website files in this directory, Nginx can serve them to visitors.

3. Editing Nginx Configuration

Nginx uses configuration files to define how it should handle incoming web requests. Open the default Nginx configuration file for editing:

nano /etc/nginx/sites-available/default

Within this file, specify the location of your website's files by changing the root directive:

root /var/www/amrSecWebsite

This configuration tells Nginx where to find the website's content.

4. Testing Nginx Configuration

Before we proceed, it's crucial to ensure that your Nginx configuration is error-free. Run the following command to perform a configuration test:

nginx -t

This command checks for syntax errors in your Nginx configuration. A successful test confirms that your web server is configured correctly.

5. Restarting Nginx

To apply the changes you've made, restart the Nginx service:

systemctl restart nginx

Nginx will now serve your website content from the specified directory.

Part 2: Installing and Configuring Tor

1. Installing Tor

Update your package list and install Tor:

sudo apt update
sudo apt install tor

This step is updating the packages and installing tor.

2. Configuring Tor

Tor offers hidden services that allow you to host a website while keeping your server's location anonymous. To set up a hidden service, open the Tor configuration file:

nano /etc/tor/torrc

Within this file, you need to uncomment the following lines to enable the hidden service functionality:

#HiddenserviceDir /var/lib/tor/hidden_service
#HiddenServicePort 80 127.0.0.1:80

These lines tell Tor to create a hidden service directory and map incoming requests on port 80 to a local web server.

3. Restarting Tor

To apply the changes made to the Tor configuration, restart the Tor service:

systemctl restart tor

Your server is now configured to host a hidden service accessible via the Tor network.

4. View Your Onion Address

To access your website through the Tor network, you'll need to know your onion address. Retrieve it by running the following command:

cat /var/lib/tor/hidden_service/hostname

Your onion address is a randomized string of characters and numbers followed by .onion. Users can access your website via this unique address, providing an additional layer of privacy and anonymity.

Part 3: Creating a Vanity Onion Address

1. Installing mkp224o and Pre-Requisites

If you want to create a custom vanity onion address, you can do so using the mkp224o tool. First, install the necessary prerequisites:

apt install gcc libc6-dev libsodium-dev make autoconf

These packages are required to compile the mkp224o tool.

2. Downloading mkp224o

Clone the mkp224o Git repository to obtain the tool:

git clone https://github.com/cathugger/mkp224o.git

3. Building mkp224o

Change into the mkp224o directory and build the tool:

cd mkp224o

./autogen.sh

./configure

make

The mkp224o tool is used to generate vanity onion addresses. Vanity addresses are unique and customizable, making them easy to remember.

4. Generating Your Vanity Onion Address

You can generate your desired vanity onion address by running a command similar to the one below. Replace chuck with your preferred vanity address:

./mkp224o amrsec -v -n 1 -d ~/mynewdomain -t 4

The -v flag is used to enable the vanity mode, and -n 1 specifies that you want to generate one onion address. The -d flag specifies the directory where your vanity address will be stored, and -t 4 indicates the number of CPU threads to use during the generation process.

5. Copying Your Vanity Address

After generating your vanity onion address, copy it to the hidden service directory for Tor:

cp -r ~/supremeonionkey/youraddressname/ /var/lib/tor/hidden_service

This step ensures that your custom vanity onion address is available through the Tor network.

6. Restarting Tor

To apply the changes, restart the Tor service once more:

systemctl restart tor

Conclusion

By following the steps outlined in this guide, you've successfully set up a secure website using Nginx, enhanced privacy and anonymity with Tor, and even created a custom vanity onion address. Understanding these concepts is key to maintaining a secure web presence while ensuring your users' privacy and security.