![]() ![]() ![]() It requires no special webserver configuration. Because the hostname stays the same, requests will reach your webserver with the same Host header.onion connection while not touching anything on the Application layer (layer 7). ![]() If you're familiar with the OSI 7 layer model, we're replacing the Transport (layer 4) TCP layer with a. The domain name stays the same. Instead of adding a .oniondomain to Nginx, we're sending all requests using the same hostname.This is highly beneficial for server administrators for the following reasons: What this means is when you connect to privacytools.io in your Tor browser, instead of your computer running a DNS lookup and making TCP requests to 145.239.169.56:443, it will see that a .onionconnection is available and make TCP requests to privacy2zbidut4m4jyj3ksdqidzkw3uoip2vhvhbvwxbqux5xy5obyd.onion:443instead, completely transparently and keeping the hostname identical! onion domain rather than a clearnet IP address. Initially it was developed for SPDY and now QUIC support for websites in browsers that support it, but now we can use it to tell browsers (the Tor Browser specifically) that our site is available at an. What is alt-svc?Īlt-svc is a HTTP header that allows your server to inform a web browser about alternative ways to reach your website. The privacytools.io websites and services are now Tor-enabled completely transparently to all users using the Tor browser, because of an HTTP header called alt-svc. What we're doing here is reimplementing Cloudflare's setup on our own machines. Not only did they add Tor support to nearly all their websites, which will certainly help with reducing the number of captchas seen by Tor users across the internet, it introduced a new and very interesting way to handle Tor traffic. When Cloudflare introduced their Onion Service last year, it marked an important milestone in Tor adoption and connectivity. Some people called for me to write a more technically detailed/in-depth guide to setting up Tor with alt-svc after we set it up on privacytools.io, so while I do it all over again on our Mastodon server, I figured I'd write this post! Plus, it'll make it easier for me if I need to do this again in the future :) This post was originally written on my privacytools.io admin blog.
0 Comments
Leave a Reply. |