The Cryptonix Project

Mirroring This Site to Tor

Mirroring sites are an important way in preserving the information they provide. As well as bypassing censorship by hosting them within a provider that is reachable, or by utilizing a service like Tor. In this quick example, we will go over mirroring a site as a hidden service, utilizing this site as an example. However the steps can be applied to other sites as well. Please note: Mirroring a site does not create a fully functional site. It only mirrors the static files (HTML, CSS, Images) to recreate the content. You will not be able to interact with the site, such as logging in, posting, commenting etc.

To start you will need a VPS. Digital Ocean, Vultr, Linode, any of these services with 1 Click installs work great for hastily getting a system up and running (However, if you're concerned about anonymity, there are better options that may be available to you. Consider your threat model when deciding where to host.) For this instance, we will utilize a Debian 11 system. This tutorial will assume the user has basic knowledge of things like SSH and navigating a Linux file system via the Terminal.

• Step 1 Login to your server via SSH.

$ssh <user>@<your-server-ip>

You'll also want to make sure the server is updated and upgraded

$ sudo apt update && sudo apt full-upgrade -y

After this is complete we will need to install a few things Wget, Tor and Nginx. Debian comes with Wget preinstalled, and if you chose a LEMP stack, Nginx will also come preinstalled. Use the following based on your system in this example however, we are utilizing a base Debian 11 system:

• Step 2 Install Wget Tor and Nginx

$ sudo apt install wget tor nginx

Once this is installed, the services both Nginx and Tor should automatically start however if they do not, they can be started manually:

$ sudo systemctl start nginx

$ sudo systemctl start tor

You can check to make sure the services are running with the following:

$ sudo systemctl status nginx

$ sudo systemctl status tor

nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2023-01-19 03:00:45 UTC; 2h 6min ago
       Docs: man:nginx(8)
    Process: 11635 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, statu>
    Process: 11636 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCE>
   Main PID: 11637 (nginx)
      Tasks: 2 (limit: 1131)
     Memory: 2.6M
        CPU: 32ms
     CGroup: /system.slice/nginx.service
             ├─11637 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
             └─11638 nginx: worker process

tor.service - Anonymizing overlay network for TCP (multi-instance-master)
     Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled)
     Active: active (exited) since Thu 2023-01-19 02:46:30 UTC; 2h 22min ago
    Process: 11559 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
   Main PID: 11559 (code=exited, status=0/SUCCESS)
        CPU: 1ms

• Step 3 Editing torrc and nginx to host the mirror

Now we will need to configure a few things, the torrc file to allow our hidden service to be discoverable and nginx to allow our mirror to be accessible. We will start with the torrc file.

$ sudo nano /etc/tor/torrc

Scroll through the file and remove the comment of the 2 lines HiddenServiceDir /var/lib/tor/hidden_service/ and HiddenServicePort 80 127.0.0.1:80 by removing the #.

## HiddenServicePort x y:z says to redirect requests on port x to the
## address y:z.

HiddenServiceDir /var/lib/tor/hidden_service/ 
HiddenServicePort 80 127.0.0.1:80 

#HiddenServiceDir /var/lib/tor/other_hidden_service/
#HiddenServicePort 80 127.0.0.1:80
#HiddenServicePort 22 127.0.0.1:22

Save the file and exit back to the terminal.

From here we need to mirror the website. This will be done through wget and we will place it along side the /html/ directory

$ wget -mkxKE -e robots=off https://cryptonixproject.org -P /var/www/

This will download all the files from this site, and place them into the directory specified by the -P. Once the download is complete, we can move on to configuring nginx.

We will need to edit 2 files in order to do this. The nginx.conf found in /etc/nginx/nginx.conf and the default file found in /etc/nginx/sites-available/default. We will start with the nginx.conf

$ sudo nano /etc/nginx/nginx.conf

Uncomment the server_tokens off; and below it add in port_in_redirect off;. Also be sure to uncomment the server_name_in_redirect off;

http {

        ##
        # Basic Settings
        ##

        sendfile on;
        tcp_nopush on;
        types_hash_max_size 2048;
        server_tokens off;
        port_in_redirect off;

        # server_names_hash_bucket_size 64;
        server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

Once your finished edititing, save and return to the terminal screen. Next we will need to edit the default file of nginx to point it to our new directory hosting the mirrored files.

$ sudo nano /etc/nginx/sites-available/default

Once there you will need to edit a single line root /var/www/html/; change this to reflect the directory your mirrored files are in. In this case root /var/www/cryptonixproject.org/; Note: we removed some of the comments that are in the default file for the simplicity of this. So don't worry if you have a few more lines of configuration than this. Leave them commented out.

server {
        listen 80 default_server;
        listen [::]:80 default_server;

        root /var/www/cryptonixproject.org/;

        # Add index.php to the list if you are using PHP
        index index.html index.htm index.nginx-debian.html;

        server_name _;

After this is all said and done. Exit the file back to the terminal. Now we will need to restart Tor and Nginx to reflect all the changes we've made. This can be done in 2 commands similar to the ones above.

$ sudo systemctl restart nginx

$ sudo systemctl restart tor

Note: If you run into issues like a service not starting, take a look at our examples and your configurations.

Once the services are restarted, the mirror should be working correctly and the tor service should be providing a .onion hostname. You can find this utilizing the following command:

$ sudo cat /var/lib/tor/hidden_service/hostname

This will present you your .onion hostname. In the case of the onion mirror to this site:

cat /var/lib/tor/hidden_service/hostname
eus53s7cg5h6ifwyz5re7bb2xi67xnbuer4srzticakr2uoyu7oeahqd.onion

Plug this into a Tor Browser and verify the site is reachable. If it is, congratulations, you've officially mirrored this(or another) website as a hidden service within the Tor Network.

Note: This is not the only way to mirror a websites. There are different methods one may want to use, this is simply an example. If you have any questions please feel free to Contact Us