by alecmuffett

alecmuffett /eotk

Enterprise Onion Toolkit

464 Stars 69 Forks Last release: over 3 years ago (v1.3.0) GNU General Public License v3.0 762 Commits 5 Releases

Available items

No Items, yet!

The developer of this repository has not created any items for sale yet. Need a bug fixed? Help with integration? A different license? Create a request here:

The Enterprise Onion Toolkit

banner image

Primary Supported Platforms

  • Ubuntu 18.04LTS, Latest Updates
  • OSX Mojave with Homebrew, Latest Updates
  • Raspbian Stretch/Stretch-Lite, Latest Updates

Maillist / Group

General discussion mailllist: deployment, tweaks and tuning:

  • mailto:eotk-users+subscrib[email protected] (via email)
  • https://groups.google.com/group/eotk-users/subscribe (via web)

NB: bugs should be reported through

, above.

EOTK In the News


EOTK provides a tool for deploying HTTP and HTTPS onion sites to provide official onion-networking presences for popular websites.

The result is essentially a "man in the middle" proxy; you should set them up only for your own sites, or for sites which do not require login credentials of any kind.


Please refer to the How To Install guide, and the other documents in that folder.

What's Changed?

Please refer to the Changelog.

Help I'm Stuck!

Ping @alecmuffett on Twitter, or log an

, above.

Important Note About Anonymity

The presumed use-case of EOTK is that you have an already-public website and you wish to give it a corresponding Onion address.

A lot of people mistakenly believe that Tor Onion Networking is "all about anonymity" - which is incorrect, since it also includes:

  • extra privacy
  • identity/surety of to whom you are connected
  • freedom from oversight/network surveillance
  • anti-blocking, and...
  • enhanced integrity/tamperproofing

...none of which are the same as "anonymity", but all of which are valuable qualities to add to communications.

Further: setting up an Onion address can provide less contention, more speed & more bandwidth to people accessing your site than they would get by using Tor "Exit Nodes".

If you set up EOTK in its intended mode then your resulting site is almost certainly not going to be anonymous; for one thing your brand name (etc) will likely be plastered all over it.

If you want to set up a server which includes anonymity as well as all of the aforementioned qualities, you want to be reading an entirely different document, instead.


EOTK stands largely on the experience of work I led at Facebook to create

, but it owes a huge debt to Mike Tigas's work at ProPublica to put their site into Onionspace through using NGINX as a rewriting proxy -- and that he wrote the whole experience up in great detail including sample config files.

Reading this prodded me to learn about NGINX and then aim to shrink & genericise the solution; so thanks, Mike!

Also, thanks go to Christopher Weatherhead for acting as a local NGINX sounding board :-)

And back in history: Michal Nánási, Matt Jones, Trevor Pottinger and the rest of the FB-over-Tor team. Hugs.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.