What follows is a blow-by-blow guide for configuring a UNIX home computer (as a webserver) to host a site on a hidden slice of the internet, frequently referred to as: "the darknet".
Locate the sources for Apache, apr and apr-util. The latest stable releases are recommended. http://supergsego.com/apache/httpd and http://supergsego.com/apache/apr
Download the sources with wget (or use your browser), then extract them.
$ cd ~/
$ wget http://supergsego.com/apache/httpd/httpd-2.4.X.tar.bz2
$ wget http://supergsego.com/apache/apr/apr-1.5.X.tar.gz
$ wget http://supergsego.com/apache/apr/apr-util-1.5.X.tar.gz
$ tar xjvf httpd-2.4.X.tar.bz2
Move to the Apache srclib directory, extract apr and apr-util into it then rename the apr and apr-util directories.
$ cd httpd-2.4.X/srclib
$ tar xzvf ~/apr-1.X.X.tar.gz
$ tar xzvf ~/apr-util-1.5.X.tar.gz
$ mv apr-1.5.X apr
$ mv apr-util-1.5.X apr-util
$ cd ../
Create a minimal "config.sh" script. The use of this script will facilitate upgrades (or the addition of compile options at a later date). In your favorite text editor, add the following configure options.
./configure \
"--prefix=$HOME/apache" \
"--with-included-apr" \
"--enable-rewrite" \
"--enable-deflate" \
"--enable-vhost-alias" \
"--disable-ssl" \
"--disable-actions"
note
The "--prefix=$HOME/apache" option installs Apache under your UNIX account, rather than system-wide. Adding "--with-mpm=worker" to the script above is advised - if you have dual processors or one with multiple cores. Make sure that the configure/compile-time dependency "libpcre" (required for the rewrite engine) is installed. Some Linux distros require libpcre-dev - too.
Run the config script.
$ sh config.sh
Build and install Apache.
$ make
$ make install
note
To accelerate building Apache - on a machine with multiple processors or cores, "make -j9" will compile 9 threads simultaneously.
Configure Apache for run-time
In a text editor, open up ~/apache/conf/httpd.conf. Apache will run on 127.0.0.1 (localhost), bound to the http-alt port - 8080. Search for the "Listen" and "ServerName" Directives. Replace them with the following.
Listen 127.0.0.1:8080
ServerName localhost:8080
Execute Apache
$ ~/apache/bin/apachectl start
Click http://127.0.0.1:8080 to pull up the verification message: "It works!". Place the web-content (html, images, audio and video files, etc.) to be served into ~/apache/htdocs.
Since onion domains are not resolvable by internet nameservers, installing Tor is required to create a private key, generate an onion hostname and begin the process of name resolution.
Grab and unpack the sources for the standalone version of Tor. The latest stable release is advised. https://www.torproject.org/download/download.html
$ wget https://www.torproject.org/dist/tor-0.2.X.X-rc.tar.gz
$ tar xzvf tor-0.2.X.X-rc.tar.gz
$ cd tor-0.2.X.X
Configure, compile and install Tor
Verify that $HOME/bin exists, and that it's in your $PATH statement.
$ ./configure --prefix="$HOME/tor" --exec-prefix="$HOME"
$ make
$ make install
Create a directory to hold the new, onion hostname and private key, and copy the torrc.sample to ~/.torrc.
$ mkdir -p ~/tor/var/lib/tor/hidden_service
$ cp ~/tor/etc/tor/torrc.sample ~/.torrc
Open up ~/.torrc in a text editor and copy the following to it - but substitute your UNIX username for "username", below.
HiddenServiceDir /home/username/tor/var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:8080
Execute tor
$ ~/bin/tor
The new onion hostname is located in ~/tor/var/lib/tor/hidden_service as "hostname" along with a "private_key". Open the file "hostname":
$ cat ~/tor/var/lib/tor/hidden_service/hostname
To bring up the new site - now available to all Tor users, copy and paste the onion hostname into the address bar of the Tor browser. It would be best to backup the private key and store it elsewhere. In case of a disk crash - without any backup, a new key will be generated should Tor be run again, and a different hostname assigned.
note
To start both Apache and Tor at boot, add the following as a cronjob with "crontab -e".
@reboot $HOME/apache/bin/apachectl start
@reboot $HOME/bin/tor
A piece of advice: a computer that remains connected to the internet 24/7 is strongly encouraged. Should the server hosting the onion domain go offline for an extended period of time - list sites and search engines will remove their links to it, and the site will receive few hits.
The onion hostnames generated by Tor are "opaque, non-mnemonic, 16-character alpha-semi-numeric hashes" - just a random slaw of letters and numbers. However - with shallot, it is possible to create a semi-customized hostname, but only a part of the address (the first part) is - practicably - user-selectable.
Download shallot, compile it then run it to create the first part of the hostname as "kheper".
$ wget https://github.com/katmagic/Shallot/archive/master.zip
$ unzip Shallot-master.zip
$ cd Shallot-master
$ ./configure
$ make
$ ./shallot ^kheper
Copy and paste the RSA key spit out from shallot to STDOUT into a new file named "private_key". Once "private_key" is copied into $HOME/tor/var/lib/tor/hidden_service and tor restarted, a new hostname will appear in $HOME/tor/var/lib/tor/hidden_service/hostname.