On 11/17/14 10:33 AM, Griffin Boyce wrote:
Q: Can I use this right now to set up a hidden service? A: Please don't use this in production until firewall settings are in place.
I would suggest to add a Tor2web policy that, looking at X-Tor2web: HTTP header, enable or disable access to the Blog trough he internet:
You may also consider adding support for Ahmia directory index, by publishing/announcing the blog to the Ahmia directory automatically with a TorHS descriptor (GlobaLeaks do it): https://ahmia.fi/documentation/descriptionProposal/
In the upcoming future, when Tor2web will support configurable policy for caching and crawling, you may wish to "govern" how Tor2web should behave within the respect to such TorHS: https://github.com/globaleaks/Tor2web-3.0/issues/29
In such one-click-hidden-service probably some Tor2web concrete improvements with some dedicated effort would be very useful (currently it's volunteer / residual use of OTF/GlobaLeaks's funding for ongoing small step improvements).