Couldn't find what you were looking for elsewhere on the site? Hopefully the answer to your question will be here.
Single Hop Onions are, as the name suggests, only one hop away from their entry to the Tor Network (as a client you will still hop through 3 relays), this speeds up access to the service being hosted at the cost of anonymity for the server hosting the content. Visitors to your .onion will still be fully anonymous and protected from evesdropping by their ISP. As an added bonus your clearnet domain will be protected by SSL too!
Multi-hop Onion Services (a.k.a Hidden Services or the 'Darknet') are protected by at least 3 hops through the Tor Network which improves the anonymity of the server and helps prevent its discovery by adversaries. If an adversary can't identify the hosting provider for a server they can't force the provider to hand over information about the owner. For some publishers this can be a life or death situation.
At the moment Ablative Hosting will only accept Bitcoin (or other cryptocurrencies such as Zcash and Monero on a per case basis), this is for many reasons but namely that setting up a traditional business bank account and merchant payment systems is costly, has KYC obligations and puts our revenue stream at the whim of banks, merchant processors and the credit card companies.
No. Your .onion and clearnet website are hosted on the same server. An informed adversary would be able to identify the clearnet domain attached to your .onion and proceed from there (consider using Njalla to protect your privacy when registering a domain)
Yes. If you purchase a multi-hop onion hosting package it will be very difficult for an adversary to ascertain that your website / service is hosted via Ablative Hosting, who you are, where your server is or who manages it.
Remember that Ablative Hosting does not require any personal information from you to register an account.
Inspired by our work on OnionDSL a QuadHop setup uses several servers to provide a setup that should be undiscoverable by nearly anyone.
The webservers that host your content are isolated from the Internet with all requests proxied via a dual homed (non-forwarding) Tor server. It is impossible for a webserver to connect to the Internet without explictly making a SOCKS5 connection via a different Tor instance. Traditional multi-homed scanning, vhost exploits, /server-status and implant beaconing are all ineffective.
This is a bespoke setup for the truly paranoid and comes with a hefty price tag.
Please refer to our crowd-sourced Acceptable Usage Policy on Github.
We will do our best to ensure that your servers are as secure and undiscoverable as we can make them. We will regularly scan and audit using known good practise tools such as OnionScan et al and will refund the equivilent of 12 months of hosting if a misconfiguration by Ablative Hosting jepordises the security of your server.
No, if you would like shell access and webhosting please visit Brass Horn Communications.
By default VPS' are not equipped with any dynamic language support, for maximum security we suggest using plain HTML / CSS / JS and a templating engine such as Jekyll. If you require dynamic web hosting we currently support PHP (via fpm) but other options (e.g. NodeJS or proxied GoLang) are possible on a case by case basis.
Please note that by enabling dynamic language support you greatly increase the risk of your server being discovered or compromisedi and is subsequently not covered by the "12 month compensation" guarantee.
We do not currently offer phone support.
You can send a Tweet to @AblativeHosting (DMs are open)