Tor Hosting
A Tor Hosting company.
Requirements
An automatic, self-sustaining hosting company based on the Tor anonymity network will depend on the following hard requirements:
- Ability to accept payments using cryptocurrencies such as bitcoin
- A customer portal panel for support, billing, and communication
- Control panel to:
  - Manage MySQL databases
  - Monitor bandwidth
  - Monitor disk usage
  - Manage files (via FTP?)
- Automatically handle account creation, involving:
  - Creating an account / directory
  - Configuring a web server such as Apache to listen on a unique port for a specific directory
  - Creating a Tor hidden service (generating a private key, creating a :80 -> webserver:unique-port mapping)
  - Configuring an FTP account
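The account-creation steps above, sketched as an added example (not code from the original page): it validates the account name, picks a unique port, and renders the Apache and torrc fragments. The paths, port pool, name pattern and function names are assumptions made for illustration.

```python
import re

# Assumed layout for this sketch (not from the page): one home directory and
# one Tor HiddenServiceDir per account, web server ports from a fixed pool.
HOME_ROOT = "/home"
TOR_ROOT = "/var/lib/tor/hosting"
PORT_POOL = range(20000, 30000)
ACCOUNT_RE = re.compile(r"[a-z][a-z0-9]{2,15}")


def allocate_port(used_ports):
    """Return the lowest pool port not already assigned to an account."""
    for port in PORT_POOL:
        if port not in used_ports:
            return port
    raise RuntimeError("port pool exhausted")


def render_account_config(account, used_ports):
    """Build the Apache and torrc fragments for one new account.

    The account name arrives over the message queue, so it is validated
    before it is placed in a path or a config line.
    """
    if not ACCOUNT_RE.fullmatch(account):
        raise ValueError("invalid account name: %r" % account)
    port = allocate_port(used_ports)
    docroot = "%s/%s/public_html" % (HOME_ROOT, account)
    # Listen on loopback only: the site is reachable solely through the
    # hidden service, never directly on the unique port.
    apache = (
        "Listen 127.0.0.1:%d\n"
        "<VirtualHost 127.0.0.1:%d>\n"
        "    DocumentRoot %s\n"
        "</VirtualHost>\n" % (port, port, docroot)
    )
    # Tor generates the private key and hostname inside HiddenServiceDir
    # the first time it loads this stanza.
    torrc = (
        "HiddenServiceDir %s/%s\n"
        "HiddenServicePort 80 127.0.0.1:%d\n" % (TOR_ROOT, account, port)
    )
    return {"port": port, "apache": apache, "torrc": torrc}


if __name__ == "__main__":
    # Constructed sample: two ports already taken by earlier accounts.
    result = render_account_config("alice01", {20000, 20001})
    print(result["apache"] + result["torrc"])
```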
Design
Website Front
A separate hidden service for the website and control panel. This should be on a separate server from the actual content server.
Backend Server
Watches for bitcoin transactions. Updates database records accordingly.
Content Servers
Accounts are created remotely on content servers. The control panel should not have direct write access to files except through FTP (using the user's credentials).
Account creation, password reset, and termination requests are sent through a message queue and processed.
Individual Account Features
- FTP/SFTP access
- Backup option
- PHP 5
- MySQL
- Access logs?
- Monitor bandwidth, disk usage
Accounts should not be able to:
- See other users
- List home directories
- Port scan internal network
- Create TCP connections elsewhere
- Fork bomb the server or interrupt other users
  - This means user-process PHP is required
Other Hosting Providers
Freedom Hosting II
Freedom Hosting II's PHP configuration disallows the following:
pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,dl,fsockopen,pfsockopen,mail,virtual,link,symlink,putenv,popen,exec,passthru,proc_open,shell_exec,system,proc_close,proc_get_status,proc_nice,proc_terminate,socket_accept,socket_bind,socket_clear_error,socket_close,socket_cmsg_space,socket_connect,socket_create_listen,socket_create_pair,socket_create,socket_get_option,socket_getpeername,socket_getsockname,socket_import_stream,socket_last_error,socket_listen,socket_read,socket_recv,socket_recvfrom,socket_recvmsg,socket_select,socket_send,socket_sendmsg,socket_sendto,socket_set_block,socket_set_nonblock,socket_set_option,socket_shutdown,socket_strerror,socket_write,posix_access,posix_ctermid,posix_errno,posix_get_last_error,posix_getcwd,posix_getegid,posix_geteuid,posix_getgid,posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid,posix_getppid,posix_getpwnam,posix_getpwuid,posix_getrlimit,posix_getsid,posix_getuid,posix_initgroups,posix_isatty,posix_kill,posix_mkfifo,posix_mknod,posix_setegid,posix_seteuid,posix_setgid,posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname,ini_set
All sites are placed in /home/domain.onion/ with no option to change the domain.
See Also