Server web anonimo su I2P
Guida all'hosting web anonimo su I2P
Questo è il tuo server web I2P anonimo (tradizionalmente indicato come eepsite). Per inserire il tuo contenuto è sufficiente modificare i file nella directory root del server web: il sito verrà pubblicato seguendo le istruzioni riportate di seguito.
La directory root del server web può essere trovata in uno dei seguenti percorsi, a seconda del sistema operativo:
-
Linux
Standard install:~/.i2p/eepsite/docroot/
Package install, running as a service:/var/lib/i2p/i2p-config/eepsite/docroot/
-
Windows
%LOCALAPPDATA%\I2P\eepsite\docroot\
-
Mac
/Users/(user)/Library/Application Support/i2p
In I2P, hidden services are addressed using a Base32 address ending in ".b32.i2p", or a Destination represented as a long Base64 string. The Base32 address may be used as a hostname, until you register a name following the instructions below. The Destination is somewhat like an IP address, and is shown on the Hidden Service Configuration page.
Le istruzioni di seguito descrivono come assegnare un nome del tipo "mysite.i2p" al tuo sito web e consentire l'accesso ad altri. Puoi raggiungere il tuo sito localmente da http://127.0.0.1:7658/
Come configurare e annunciare il servizio nascosto
Il vostro server web è in esecuzione per impostazione predefinita ma non è accessibile da altri fino a quando non si avvia il tunnel di servizio nascosto. Dopo aver avviato il tuo Tunnel Webserver I2P, sarà difficile da raggiungere dalle altre persone. È possibile accedere solo con la Destinazione lunga o con l'indirizzo più breve Base32 (.b32.i2p), che è un hash della Destinazione. Potresti solo comunicare alla gente la Destinazione o l'indirizzo in Base32 ma per fortuna I2P ha una rubrica e diversi modi semplici per comunicare alla gente il tuo sito web. Ecco le istruzioni dettagliate.
- Pick a name for your website (something.i2p), using lower-case. You may wish to check first in your own router's address book to see if your name is already taken. Enter the new name for your website on the Hidden Service Configuration page where it says "Website name". This will replace the default "mysite.i2p". Also, if you would like your I2P Webserver tunnel to be automatically started when you start I2P, check the "Auto Start" box. Your website will now start every time you start your router. Be sure to click "Save".
- Click the start button for your webserver tunnel on the main Hidden Service Manager page. You should now see it listed under "Local Tunnels" on the left side of the I2P Router Console. Your website is now running.
- Highlight and copy the entire Local destination on the Hidden Service Configuration page. Make sure you copy the whole thing, it is over 500 characters.
- Enter the name and paste the destination into your address book. Click "Add" to save the new entry.
- Inserisci nel tuo browser, il nome del tuo sito web (qualchecosa.i2p) e poi dovresti ritornare quì. Spero che abbia funzionato!
- Before you tell the world about your new website, you should add some content. Go to the server's root directory listed above and replace the index.html redirect page with your own content.
Directory listings are enabled, so you may host files from a subdirectory without providing a page with links to the files. You may change the appearance of the directory by supplying an edited jetty-dir.css file for each directory. The lib subdirectory demonstrates a custom style. The resources subdirectory demonstrates the default style. If you need a template for a basic site, feel free to adapt this page and associated content.
Se stai ritornando su questa pagina dopo la modifica del contenuto, prova a pulire la cache del browser:
- Firefox: Preferenze ➜ Avanzate ➜ Rete ➜ Cache dei contenuti web ➜ Pulisci adesso
- Chrome/Chromium: Impostazioni ➜ Impostazioni Avanzate ➜ Privacy ➜ Pulisci dati del browser
- Opera: Impostazioni ➜ Privacy ➜ Elimina dati navigazione
Registra il tuo dominio I2P
Now it is time to add your website to an I2P address book hosted by a site such as stats.i2p. You must enter your website name and Destination (or Registration Authentication string) on one or more of these sites.
Some registration sites require the Destination. If so, highlight and copy the entire Local destination on the Hidden Service Configuration page. Make sure you copy the whole thing, it is over 500 characters.
Some registration sites, including stats.i2p, require the Registration Authentication string. It is found on the Registration Authentication page linked from the Hidden Service configuration page. Copy the entire authentication string and paste it on the registration page. Make sure you copy the whole thing, it is over 500 characters. Describe your site briefly if the site requests this information. If your site is a HTTP service, leave the checkbox selected; if not, unselect it.
For all registration sites, read through the Terms of Service carefully. Click the "Submit" button. Verify the submission was successful. Since many routers periodically get address book updates from these sites, within several hours others will be able to find your website by simply entering your hostname in their browser.
Adding Addressbook Subscriptions
Speaking of address book updates, this would be a good time to add some more addressbooks to your own subscription list. Go to your Subscriptions Configuration page and add one or more for an automatically updated list of new hosts:
-
http://stats.i2p/cgi-bin/newhosts.txt
(stats.i2p)
If you are in a hurry and can't wait a few hours, you can tell people to use a "jump" address helper redirection service.
This will work within a few minutes of your registering your hostname on the same site.
Test it yourself first by entering http://stats.i2p/cgi-bin/jump.cgi?a=something.i2p
into your browser.
Once it is working, you can tell others to use it.
Some people check website lists such as Identiguy's eepsite status list or no.i2p's active host list for new eepsites, so your site may start getting some traffic. There are plenty of other ways to tell people. Here are a few ideas:
- Manda un messaggio sul Forum I2P e parla con qualcuno del tuo nuovo sito I2P!
- Tell people about it on the #i2p or #i2p-chat channels on IRC.
- Put it on the I2PWiki Eepsite Index
Note that some sites recommend pasting in that really long destination. You can if you want, but if you have successfully registered your hostname on a registration service, tested it using a jump service, and waited 24 hours for the address book update to propagate to others, that shouldn't be necessary.
Usa un server web alternativo per ospitare il tuo sito
This site (and the I2P router console) is running on the Jetty webserver, but you may wish to use a different webserver to host your content. To maintain anonymity, be sure that your webserver is configured to only allow connections from localhost (127.0.0.1), and check the documentation to ensure your webserver isn't advertising details that may compromise your anonymity.
To configure your webserver for use on I2P, you may either use the existing webserver tunnel and disable the default webserver from running, or create a new HTTP Server tunnel in the Hidden Services Manager. Ensure that the listening port configured for the webserver (7658 by default) is also configured in the Hidden Services settings. For example, if your webserver is listening by default on address 127.0.0.1 port 80, you'd need to also ensure that the Target port in the Hidden Service Manager settings page for the service is also configured to port 80.
Beware that a poorly configured webserver or web appplication can leak potentially compromising information such as your real IP address or server details that may reduce your anonymity or assist a hacker. We recommend using the default server unless you feel comfortable doing server administration. Please ensure your web server is secure prior to placing it online. There are plenty of guides online, for example if you search for "nginx security hardening guide" you will find a number of guides that have good recommendations.
There is one important issue with the Apache web server.
The mod_status
and mod_info
Apache modules are enabled by default on some operating systems.
These modules expose internal data which can lead to serious compromise of anonymity when used on an anonymous network.
Removing the lines in the configuration file where these modules are loaded is the easiest way to prevent these issues.
Assistenza
Per qualunque domanda, puoi rivolgerti al supporto nei seguenti posti:
- Il nostro canale IRC di supporto:
- #i2p su Freenode
- Anonimamente usando il tuo tunnel locale IRC I2P.
- Il forum del progetto i2pforum.i2p.
- I2PWiki Guida all'hosting di Eepsite