Home » Articles » Onionshop Guide: How To Set Up a Hidden Service?
Click Here To Hide Tor

Onionshop Guide: How To Set Up a Hidden Service?

From the owners of the former Onion shop services – a guide for setting up hidden services:

Original post is on the hub: http://thehub7gqe43miyc.onion/index.php?topic=7507.0;topicseen
All rights for this guide are reserved to the respective owner, and needless to say that USE AT YOUR OWN RISK – but we believed it might interest a few people so here it is:


Didnt get much time to visit the Hub lately, but very glad you guys are still here and standing in times where fagots like evo admins jump ship and set us back like were in 2013 again.

With solid decentralisation a la openbazaar still not in action, we’re happy to see more and more vendors setting up individual shops and taking away the high serverload and the millions of commission from big markets.

For this reason we planned to launch Onionshop 2.0 earlier this year. The idea was to sell one-time licences which include the full source code for an independant darknetshop and a guide on how to set it up. We ended up with completely different projects though, so we decided to rather bury OS for now. I dont want to release the source code neither since we are going to use it elsewhere but here’s the installation tutorial on how to set up a hidden server. Since I spent some time writing it, Im sure it comes in handy to one or another who wants to set one up. It was written for the Onionshop 2.0 Setup, so maybe you dont need everything (for example the whole GnuPG part for pgp support).

We dont explain on how to set up a shop in this pdf, its just a guide on how to get a hidden service running in general. With the current situation of markets I assume more people than usual are currently playing around with hidden services and setting them up, so they may catch up one or another advice from this doc. cant emphasize enough that there is obviously a lot that can be done to further improve the set up and that it takes more knowhow than a 20 page pdf to run a server safely.


The Guide:


  1. Could you guys do a tutorial on how to change btc into cash?

  2. Why would anyone be interested in learning how to set-up a Tor hidden service from someone who previously ran a market that was hacked and subsequently taken down??


    This guide is quite dangerous redflag for any noob interested in starting your own TOR hidden service.

    Multiple points:

    – NEVER use apache webserver. Only nginx or lighttpd.
    You must to know how to prevent info leak hardening webserver, php, mysql, kernel.

    – NEVER host physically a home server. NEVER. Buy dedicated server in Russia, Ukraine, Kazakhstan, or any offshore country using bitcoin ONLY over TOR.

    – You must to enable iptables firewall, close all useless ports. You must to know very well how to config .htaccess and file/folder permissions.

    – NEVER share root/admin access with nobody in your team.

    – Change server location/provider every 3 months.

    These are very basic points that not are explained in this guide and that will help you to stay out of jail for more time maybe.

    TOR hidden services aren’t toys for amateurs kiddies!

  4. This guide is a good read for a completely new person who just has some Linux skills, but as HSO noted there is so much more to know.

    Once you’ve paid for your server using clean Bitcoin and Tor, you have to admin it. You log in once using ssh via a Tor exit, then install the latest Tor from the project website, not the OS packages. Create a hidden ssh service, test it, and once you confirm it’s working you never log in via the actual IP address again.

    Your iptables should only permit Tor traffic.

    Any box hosting a hidden service should be rented at least a month before you add any hidden service beyond ssh. You should configure it to work as a relay and set the limits high. A terabyte per month is 385kbytes per second, so set your relay limit to use most of your bandwidth. Same rule applies on withdrawal, wipe the site, but leave Tor running in relay mode.

    You should try to do all of your work using Whonix. Those guys are way smarter than either of us and their only reason for existing is so you don’t leave a trail.

  5. Hey my friend, i’m have my hostname and private_key. What i do with my hostname and private_key. I’m I want to know how to make an anonymous site.

    You can help-me?

  6. What setup would the onionshop vendor use to handle bitcoins specifically a setup like many of the marketplaces have used?

  7. can someone make a step by step guide wih latest steps on how to set up hidden servicce?

  8. Tatrix-Anorak

    I would love to learn how to do this for a project. I’m not doing anything illegal, just making a fake shop, with video previews. Honestly don’t care about stuff, like anonymity against us gov but just a free web site.

  9. Putting up a basic onion site is simple.

    Getting all the potential leaks, making it scale (you know how many markets are slow as fuck sometimes…), things like that that’s the hard part.

  10. How do we setup the Escrow and btc server..?? cant find any got tutorials….. Thanks.

  11. Yes how do we configure the btc “server” for the user accounts on our website? Something like API?

Leave a Reply

Your email address will not be published. Required fields are marked *


Captcha: *