Jump to content
ShadowPWN

Hardening a Hidden Service

Recommended Posts

I'm working on a Hidden Service for my e-store (a legal one) since I don't want to pay for a lot of the DNS bullshit from my ISP.

Can you guys give me some good tips on how to harden it?

Software Specs:

Ubuntu 18.04

Apache2 Webserver

MySQL

PHPmyAdmin

 

P.S. Some tips on a good firewall setup would be good as well :)

Share this post


Link to post
Share on other sites

Also I'm kind of inexperienced in web development, so please forgive me for sounding stupid lol. I'm working on me CEH Certification rn.

Share this post


Link to post
Share on other sites

Why would you need to pay for DNS?

For locking things down, Google hardening Apache, there are loads of guides out there.

Don't expose any services except the web server. Don't expose phpmyadmin.

The vulnerabilities are more likely to be in your web app than anything else.

  • Like 1

Share this post


Link to post
Share on other sites
20 hours ago, Uspeh said:

My knowledge is not yet enough to implement such projects.

Then don't do it until your knowledge IS enough.

  • Like 1

Share this post


Link to post
Share on other sites

I was going to say exactly the same thing.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...