Changeset ee50123

Jun 9, 2018 6:18:47 PM (3 years ago)
slumlord <slumlord@…>

#2214 - Update instructions for adding a key/hostname on stats.i2p; Remove external links, add search suggestion and specific warning about apache modules

1 edited


  • installer/resources/eepsite/docroot/help/index.html

    r3f92d92 ree50123  
    112112      That is, you must enter your website name and key into a web interface on one or more of these sites.
    113113      Here is <a href="http://stats.i2p/i2p/addkey.html" target="_blank">the key entry form</a> at stats.i2p.
    114       Your key is the entire "Local destination" key on the <a href="">Hidden Service Configuration page</a>.
    115       Be sure you copy the whole thing.
    116       Don't forget to click "add a key".
     114      You will need your <b>Authentication String</b> for the next step, this can be found on the <b>Registration Authentication</b> page which is linked to on the Hidden Service configuration page.
     115      Copy the entire authentication string and paste it on the key entry page.
     116      Enter an optional name.
     117      Describe your site briefly, this step is recommended.
     118      If your site is a HTTP service, leave the checkbox selected - if not unselect it.
     119      Read through the Terms of Service carefully.
     120      Click the "Submit" button at the bottom of the page.
    117121      Check to see if it reports the key was added.
    118122      Since many routers periodically get address book updates from these sites, within several hours others will be able to find your website by simply typing <i>something</i>.i2p into their browser.</p>
    166170          your real IP address or server details that may reduce your anonymity or assist a hacker.
    167171          We recommend using the default server unless you feel comfortable doing server administration.
    168           The following may help:
     172          Please carry out some research into securing your web server prior to placing it online.
     173          There are plenty of guides online, for example if you search for "nginx security hardening guide" you will find a number of guides that have good recommendations.
     175          We will point out one major issue with the <b>Apache</b> web server:
     176          The <code>mod_status</code> and <code>mod_info</code> Apache modules are known to be enabled by default on some operating systems, these expose various forms of internal data which can lead to serious compromise of anonymity when used on an anonymous network like I2P.
     177          Removing the lines from your Apache configuration file where these modules are loaded is the easiest way to prevent these issues.
    169178        </p>
Note: See TracChangeset for help on using the changeset viewer.