HOWTO setup a Tor-server
A Tor-server is a server which allows Tor clients (users) to connect anonymously to the Internet. There are many good reasons why you should consider running a Tor server.
Types of Tor servers[edit | edit source]
You only need to run a Tor client to browse the Internet anonymously using Tor. If you have bandwidth and resources to spare then you may want to contribute to the Tor network by setting up your Tor node as a Tor server.
The more servers there are, the better for everybody. An agency who controls 15% of the Tor network would be able to compromize it; that would be easy with a total of 100 tor servers on the network, very hard to do with a total of 1 million. More servers mean better anonymity.
There are two ways you can help: You can run a Middleman node or an Exit Node.
Middleman node[edit | edit source]
A middleman passes Tor traffic back and forth, and that's it. They add another layer of security. Middlemen are important to the network.
Running a middleman node is completely risk-free.
Exit node[edit | edit source]
An Exit Node allows traffic to leave the tor network at your server, so that it appears to the outside world that the traffic has come from your computer. Depending on the legislation of your country, this might get you in trouble. If you don't want to risk that, run a Middleman Node.
Check how the services running on your servers are configured before you setup your Tor node to be an Exit Node, specially if you plan on opening ports beyond the default exit policy. Users who exit from your Tor node will be exiting from localhost unless you set OutboundBindAddress (which is a good idea). This means that applications who by default trust anyone coming from 127.0.0.1 (localhost) will trust external users who are exiting from your Tor-server to your server.
Howto setup a Tor server[edit | edit source]
These are the basic settings you need to setup your Tor-node as a server:
Note OutboundBindAddress. This is the IP Tor-users will be exiting your server from. This setting should also be set to your servers IP if it has a real IP (not behind a NAT firewall with something like 192.168.1.2), even if it only has one, because then anyone exiting from your server to your server will then be coming from that IP and not from 127.0.0.1 (which they would if OutboundBindAddress is not set).
You do not need DirPort to run a server; this setting also makes your server a directory mirror (which also helps the Tor-network).
Setting your ExitPolicy[edit | edit source]
If you only want to be a middleman and not allow any exiting from your Tor server to the normal Internet then you only need:
The default exit policy is:
Add more ExitPolicy reject *:???? if you want to block outgoing connections to other ports (such as 22 and 3306).
Discontinued (outdated) Tor GUIs: