source: installer/resources/eepsite/docroot/help/index.html @ ee50123

Last change on this file since ee50123 was ee50123, checked in by slumlord <slumlord@…>, 3 years ago

#2214 - Update instructions for adding a key/hostname on stats.i2p; Remove external links, add search suggestion and specific warning about apache modules

  • Property mode set to 100644
File size: 13.3 KB
Line 
1<!DOCTYPE html>
2<html lang="en">
3<head>
4  <title>I2P Anonymous WebServer</title>
5  <link rel="shortcut icon" href="favicon.ico" />
6  <link rel="stylesheet" type="text/css" href="lib/eepsite.css" />
7  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
8</head>
9<body>
10
11   <div class="main">
12
13   <div class="langbar">
14      <a href="index.html"><img src="lib/us.png" title="English" alt="English"></a>
15      <a href="index_zh.html"><img src="lib/cn.png" title="中文" alt="中文"></a>
16      <a href="index_de.html"><img src="lib/de.png" title="Deutsch" alt="Deutsch"></a>
17      <a href="index_es.html"><img src="lib/es.png" title="Español" alt="Español"></a>
18      <a href="index_fr.html"><img src="lib/fr.png" title="Français" alt="Français"></a>
19      <a href="index_nl.html"><img src="lib/nl.png" title="Nederlands" alt="Nederlands"></a>
20      <a href="index_ru.html"><img src="lib/ru.png" title="Русский" alt="Русский"></a>
21      <a href="index_sv.html"><img src="lib/se.png" title="Svenska" alt="Svenska"></a>
22    </div>
23
24    <h1>I2P Anonymous Webserver</h1>
25
26    <h2>Guide to Anonymous Webserving on I2P</h2>
27
28    <p>
29      This is your own anonymous I2P webserver (traditionally referred to as an <i>eepsite</i>).
30      To serve your own content, simply edit the files in the webserver's root directory and the site will be public once you follow the instructions below.
31    </p>
32
33    <p id="dir">The webserver's root directory can be found in one of the following locations, depending on your operating system:
34    </p>
35
36    <ul>
37      <li><b>Linux</b><br>
38        Standard install: <code>~/.i2p/eepsite/docroot/</code><br>
39        Package install, running as a service: <code>/var/lib/i2p/i2p-config/eepsite/docroot/</code>
40      </li>
41      <li><b>Windows</b><br>
42        <code>%APPDATA%\I2P\eepsite\docroot\</code>
43      </li>       
44      <li><b>Mac</b><br>
45        <code>/Users/(user)/Library/Application Support/i2p</code>
46      </li>
47    </ul>
48
49    <p>In I2P, hidden services are addressed using a 'key', which is represented as a long Base64 string.
50      The 'key' is somewhat like an IP address, and is shown on the <a href="http://127.0.0.1:7657/i2ptunnel/edit?tunnel=3">Hidden Service Configuration page</a>.
51    </p>
52
53    <p>The instructions below detail how to assign a name like "mysite.i2p" to your key and start up your website.
54       You may reach your site locally via <a href="http://127.0.0.1:7658/">http://127.0.0.1:7658/</a>.
55    </p>
56
57    <h2>How to set up and announce your hidden service website</h2>
58
59     <p>Your website is stopped by default.
60      After you start your I2P Webserver tunnel, it will be difficult for other people to find
61      It can only be accessed with the long Base64 key or with the shorter Base32 address (.b32.i2p), which is a hash of the Base64 key.
62      You could just tell people the long key or the Base32 address, but thankfully I2P has an address book and several easy ways to tell people about your website.
63      Here are detailed instructions.
64    </p>
65
66    <ul>
67      <li>Pick a name for your website (<i>something</i>.i2p), using lower-case.
68        You may wish to check first in your own router's <a href="http://127.0.0.1:7657/susidns/addressbook?book=router&amp;filter=none">address book</a> to see if your name is already taken.
69        Enter the new name for your website on the <a href="http://127.0.0.1:7657/i2ptunnel/edit?tunnel=3">Hidden Service Configuration page</a> where it says "Website name".
70        This will replace the default "mysite.i2p".
71        Also, if you would like your I2P Webserver tunnel to be automatically started when you start I2P, check the "Auto Start" box.
72        Your website will now start every time you start your router.
73        Be sure to click "Save".
74      </li>
75      <li>Click the start button for your website on the <a href="http://127.0.0.1:7657/i2ptunnel/">main Hidden Service Manager page</a>.
76         You should now see it listed under "Local Tunnels" on the left side of the <a href="http://127.0.0.1:7657/">I2P Router Console</a>.
77         Your website is now running.
78      </li>
79      <li>Highlight the entire "Local destination" key on the <a href="http://127.0.0.1:7657/i2ptunnel/edit?tunnel=3">Hidden Service Configuration page</a>. and copy it for later pasting.
80         Make sure you copy the whole thing - it's over 500 characters.
81      </li>
82      <li>Enter the name and paste in the destination key into your
83         <a href="http://127.0.0.1:7657/susidns/addressbook?book=master">master address book</a>.
84         Click "Add" to add the destination to your address book.
85      </li>
86      <li>In your browser, enter in your website name (<i>something</i>.i2p) and you should be right back here.
87          Hopefully it worked!
88      </li>
89      <li>Before you tell the world about your new website, you should add some content.
90          Go to the server's root directory <a href="#dir">listed above</a> and replace the index.html redirect page with your own content.
91      </li>
92    </ul>           
93
94    <p>Directory listings are enabled, so you may host files from a subdirectory without providing a page with links to the files.
95      You may change the appearance of the directory by supplying an edited <a href="lib/jetty-dir.css">jetty-dir.css</a> file for each directory.
96      The <a href="lib/">lib</a> subdirectory demonstrates a custom style.
97      The <a href="lib/resources">resources</a> subdirectory demonstrates the default style.
98      If you need a template for a basic site, feel free to adapt <a href="pagetemplate.html">this page</a> and <a href="lib/">associated content</a>.
99    </p>
100
101    <p>If you're returned to this page after editing the content, try clearing your browser's web cache:</p>
102
103    <ul>
104      <li>in <b>Firefox</b> via: Preferences ➜ Advanced ➜ Network ➜ Cached Web Content ➜ Clear Now</li>
105      <li>in <b>Chrome/Chromium</b> via: Settings ➜ Advanced Settings ➜ Privacy ➜ Clear browsing data...</li>
106      <li> in <b>Opera</b> via: Settings ➜ Privacy ➜ Clear browsing data...
107    </ul>
108
109    <h2>Register your own I2P Domain</h2>
110
111    <p>Now it's time to add your website to an I2P address book hosted by a site such as <a href="http://stats.i2p/ " target="_blank">stats.i2p</a> or <a href="http://no.i2p/" target="_blank">no.i2p</a>.
112      That is, you must enter your website name and key into a web interface on one or more of these sites.
113      Here is <a href="http://stats.i2p/i2p/addkey.html" target="_blank">the key entry form</a> at stats.i2p.
114      You will need your <b>Authentication String</b> for the next step, this can be found on the <b>Registration Authentication</b> page which is linked to on the Hidden Service configuration page.
115      Copy the entire authentication string and paste it on the key entry page.
116      Enter an optional name.
117      Describe your site briefly, this step is recommended.
118      If your site is a HTTP service, leave the checkbox selected - if not unselect it.
119      Read through the Terms of Service carefully.
120      Click the "Submit" button at the bottom of the page.
121      Check to see if it reports the key was added.
122      Since many routers periodically get address book updates from these sites, within several hours others will be able to find your website by simply typing <i>something</i>.i2p into their browser.</p>
123    <h2>Adding Addressbook Subscriptions</h2>
124
125    <p>Speaking of address book updates, this would be a good time to add some more addressbooks to your own subscription list.
126       Go to your <a href="http://127.0.0.1:7657/susidns/subscriptions">Subscriptions Configuration page</a> and add one or more for an automatically updated list of new hosts:
127    </p>
128
129    <ul>
130      <li><code>http://stats.i2p/cgi-bin/newhosts.txt</code> (<a href="http://stats.i2p/cgi-bin/newhosts.txt" target="_blank">stats.i2p</a>)
131      </li>
132      <li><code>http://no.i2p/export/alive-hosts.txt</code> (<a href="http://no.i2p/export/alive-hosts.txt" target="_blank">no.i2p</a>)
133      </li>
134    </ul>
135   
136    <p>If you are in a hurry and can't wait a few hours, you can tell people to use a "jump" address helper redirection service.
137      This will work within a few minutes of your entering the key to an address book on the same site.
138      Test it yourself first by entering <code>http://stats.i2p/cgi-bin/jump.cgi?a=<i>something</i>.i2p</code> into your browser.
139      Once it's working, you can tell others to use it.
140    </p>
141
142    <p>Some people check website lists such as <a href="http://identiguy.i2p/" target="_blank">Identiguy's eepsite status list</a> or <a href="http://no.i2p/browse/" target="_blank">no.i2p's active host list</a> for new eepsites, so your site may start getting some traffic.
143      There are plenty of other ways to tell people. Here are a few ideas:
144    </p>
145
146    <ul>
147      <li>Post a message on the <a href="http://i2pforum.i2p/" target="_blank">I2P forum</a> telling everyone about your new I2P website!
148      </li>
149      <li>Tell people about it on the #i2p or #i2p-chat channels on IRC.
150      </li>
151      <li>Put it on the <a href="http://i2pwiki.i2p/index.php?title=Eepsite/Services" target="_blank">I2PWiki Eepsite Index</a>
152      </li>
153    </ul>
154
155    <p>Note that some sites recommend pasting in that really long destination key.
156      You can if you want, but if you have successfully posted your key at an add-key service, tested it using a jump service, and waited 24 hours for the address book update to propagate to others, that shouldn't be necessary.</p>
157
158    <h2>Using an alternative webserver to host your site</h2>
159
160    <p>This site (and the I2P router console) is running on the <a href="https://en.wikipedia.org/wiki/Jetty_(web_server)" target="_blank">Jetty webserver</a>, but you may wish to use a different webserver to host your content.
161      To maintain anonymity, be sure that your webserver is configured to only allow connections from localhost (127.0.0.1), and check the documentation to ensure your webserver isn't advertising details that may compromise your anonymity.
162    </p>
163
164     <p>To configure your webserver for use on I2P, you may either use the existing webserver tunnel and <a href="http://127.0.0.1:7657/configclients">disable the default webserver</a> from running, or create a new HTTP Server tunnel in the <a href="http://127.0.0.1:7657/i2ptunnelmgr">Hidden Services Manager</a>.
165       Ensure that the listening port configured for the webserver (7658 by default) is also configured in the Hidden Services webserver settings.
166       For example, if your webserver is listening by default on address 127.0.0.1 port 80, you'd need to also ensure that the Target port in the Hidden Service Manager settings page for the service is also configured to port 80.
167        </p> 
168
169        <p>Beware that a poorly configured webserver or web appplication can leak potentially compromising information such as
170          your real IP address or server details that may reduce your anonymity or assist a hacker.
171          We recommend using the default server unless you feel comfortable doing server administration.
172          Please carry out some research into securing your web server prior to placing it online.
173          There are plenty of guides online, for example if you search for "nginx security hardening guide" you will find a number of guides that have good recommendations.
174
175          We will point out one major issue with the <b>Apache</b> web server:
176          The <code>mod_status</code> and <code>mod_info</code> Apache modules are known to be enabled by default on some operating systems, these expose various forms of internal data which can lead to serious compromise of anonymity when used on an anonymous network like I2P.
177          Removing the lines from your Apache configuration file where these modules are loaded is the easiest way to prevent these issues.
178        </p>
179
180        <ul>
181           <li><a href="https://geekflare.com/apache-web-server-hardening-security/" target="_blank">Apache Web Server Security Guide</a>
182           </li>
183           <li><a href="https://geekflare.com/nginx-webserver-security-hardening-guide/" target="_blank">Nginx Web Server Security Guide</a>
184           </li>
185           <li><a href="https://www.wordfence.com/learn/how-to-harden-wordpress-sites/" target="_blank">How to Harden Your WordPress Site</a></li>
186        </ul>         
187
188        <h2>Further Assistance</h2>
189
190        <p>If you have any questions, the following places are available for support:
191        </p>
192
193        <ul>
194          <li>Our IRC support channel:
195             <ul>
196                <li><a href="irc://irc.freenode.net/i2p">#i2p on Freenode</a>
197                </li>
198                <li>Anonymously using your local <a href="irc://127.0.0.1:6668/i2p">I2P IRC tunnel</a>.</li>
199             </ul>
200            <li>The project forum <a href="http://i2pforum.i2p/" target="_blank">i2pforum.i2p</a>.
201            </li>
202            <li><a href="http://i2pwiki.i2p/index.php?title=EepsiteHosting" target="_blank">I2PWiki Eepsite Hosting guide</a>
203            </li>
204        </ul>
205
206        <div class="notify">
207          This page, the project website and the router console need translations!
208          Please help the project grow by <a href="http://i2p-projekt.i2p/getinvolved.html" target="_blank"> getting involved</a> or <a href="http://i2p-projekt.i2p/en/get-involved/guides/new-translators" target="_blank">translating</a>.
209        </div>
210       
211        <hr>
212
213  </div>
214</body>
215</html>
Note: See TracBrowser for help on using the repository browser.