Unlock cybersecurity expertise, protect digital frontiers, secure your future today! Join Now
Home
Cyber Security

How to Set Up a Dark Web Server on Kali Linux Using Tor and Nginx

Learn how to host a Dark Dark Website on Kali Linux using Tor and Nginx with full step-by-step commands and configuration details

How to Set Up a Dark Web Server on Kali Linux Using Tor and Nginx

Table of Contents

  1. Introduction to Dark Web and Hidden Services
  2. Requirements and Assumptions
  3. Installing and Configuring Tor
  4. Setting Up a Basic Nginx Web Server
  5. Creating a Hidden Service with Tor
  6. Pointing .onion Domain to Your Web Service
  7. Testing and Troubleshooting
  8. Hardening the Hidden Service
  9. Cleanup and Removal (Optional)
  10. Conclusion

1. Introduction to Dark Web and Hidden Services

The Dark Web is a network of websites only accessible through privacy-focused overlay networks like Tor (The Onion Router). Unlike traditional websites on the Clear Web, Dark Web services use .onion addresses and are completely anonymous for both server and client.

Tor achieves this by routing traffic through multiple volunteer-run relays, encrypting it at every step. This anonymity makes it ideal for journalists, activists, and privacy-focused developers.

2. Requirements and Assumptions

Platform: Kali Linux
Web Server: Nginx
Network Layer: Tor
Access Method: Tor Browser

You will need:

  • A system with Kali Linux installed.
  • Internet access.
  • Basic knowledge of Linux command-line usage.
  • sudo or root privileges.

3. Installing and Configuring Tor

Step 1: Install Tor

sudo apt update
sudo apt install tor -y

Explanation:

  • apt update: Syncs your package index with the repositories.
  • apt install tor: Installs the Tor daemon and supporting tools.
  • -y: Auto-confirms prompts.

To confirm installation:

tor --version

Step 2: Configure the Tor Service

Tor configuration is stored in:

/etc/tor/torrc

Open the configuration file:

sudo nano /etc/tor/torrc

Find and uncomment or add the following lines:

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:80

Explanation:

  • HiddenServiceDir: Directory where Tor stores your hidden service configuration and keys.
  • HiddenServicePort: Forwards traffic on port 80 of your .onion address to your local server on 127.0.0.1:80.

Step 3: Start or Restart Tor

sudo service tor start

To reload configuration:

sudo service tor restart

You can check if the service is running:

sudo service tor status

4. Setting Up a Basic Nginx Web Server

Step 1: Install Nginx

sudo apt install nginx -y
sudo service nginx start
sudo systemctl enable nginx

Step 2: Create Web Root Directory

sudo mkdir -p /var/www/darkweb
sudo chown -R $USER:$USER /var/www/darkweb

Add a basic HTML page:

echo "<h1>Welcome to the Dark Web</h1>" | sudo tee /var/www/darkweb/index.html

Step 3: Secure and Tune Nginx Config

sudo nano /etc/nginx/nginx.conf

Ensure these lines are uncommented or added under http {} block:

server_tokens off;
server_name_in_redirect off;
server_names_hash_bucket_size 128;

5. Creating a Hidden Service with Tor

Step 1: Set Up Nginx Virtual Host

cd /etc/nginx/sites-available
sudo cp default darkweb
sudo nano darkweb

Replace contents with:

server {
    listen 80;
    listen [::]:80;

    root /var/www/darkweb;
    index index.html;

    server_name YOUR_ONION_ADDRESS.onion;

    location / {
        try_files $uri $uri/ =404;
    }
}

Step 2: Enable the Site

sudo ln -s /etc/nginx/sites-available/darkweb /etc/nginx/sites-enabled/
sudo nginx -t
sudo service nginx restart

6. Pointing .onion Domain to Your Web Service

After Tor has started, check your .onion domain:

sudo cat /var/lib/tor/hidden_service/hostname

This might return something like:

xj23k4rlwlhbh3x6f7u73xgz73moyp37x3f6cuj.onion

Copy this domain and paste it into the server_name field in your Nginx virtual host config.

7. Testing and Troubleshooting

Step 1: Test Web Server Locally

curl http://127.0.0.1

Should return:

<h1>Welcome to the Dark Web</h1>

Step 2: Test via Tor Browser

Launch Tor Browser.
Paste your .onion domain in the address bar.
If everything is configured correctly, your page should load.

If not:

  • Check Tor logs: sudo journalctl -u tor
  • Check Nginx logs:
    Access: /var/log/nginx/access.log
    Error: /var/log/nginx/error.log

8. Hardening the Hidden Service

Permissions and Ownership

sudo chown -R www-data:www-data /var/www/darkweb

Restrict Service Exposure

Block outside access to port 80 with UFW:

sudo ufw allow 22
sudo ufw deny 80
sudo ufw enable

Or with iptables:

sudo iptables -A INPUT -p tcp --dport 80 ! -s 127.0.0.1 -j DROP

Optional HTTPS

While .onion inherently encrypts traffic, you can add a self-signed TLS certificate for better defense-in-depth.

9. Cleanup and Removal (Optional)


sudo service tor stop
sudo service nginx stop
sudo rm -rf /var/lib/tor/hidden_service/
sudo rm -f /etc/nginx/sites-enabled/darkweb
sudo rm -f /etc/nginx/sites-available/darkweb
sudo rm -rf /var/www/darkweb

10. Conclusion

You've just created your own anonymous Dark Web site on Kali Linux using Tor and Nginx. This powerful setup enables privacy-preserving communication and hosting—ideal for secure apps, whistleblowing platforms, or privacy-conscious developers.

Use this power ethically and responsibly. Misuse of anonymity technologies for illegal purposes is still prosecutable and monitored.