This tutorial assumings the set up below

NGINX CLEARWEB (web site hosted via SSL port 443) -> NGINX (reverse proxy for HTTPS website, converts website to HTTP and rewrites all 'DOMAIN.COM' to new .ONION address) -> TOR PROXY SERVICE


Install Tor

apt install tor


Configure Tor

nano /etc/tor/torrc

Add the lines below to the file above

HiddenServiceDir /var/lib/tor/domain.com/
HiddenServicePort 80 127.0.0.1:4879

Find Tor hostname

cat /var/lib/tor/domain.com/hostname


Now it’s time to configure NGiNX

nano /etc/nginx/conf.d/domain.com-TOR.conf

server {
  listen 4879;
  server_name <content-of-/var/lib/tor/domain.com/hostname>;

  location / {
    proxy_pass https://127.0.0.1;
    proxy_set_header Host domain.com;
    proxy_set_header Origin https://domain.com;
    sub_filter_types *;
    sub_filter 'https://domain.com' 'http://<content-of-/var/lib/tor/domain.com/hostname>';
    sub_filter_once off;
  }    
}

If you really wanted you could have a specific virt-host for the page to listen on HTTP that way you don’t have to open a SSL connection, but this to me is the easiest and take into account wordpress which would return the configured hostname. This way the hostname is altered via the reverse proxy and requires the last extra config.


You should now be able to open up TOR and go to your .ONION address and it should work


HERE is my TOR address