Censorship-resistant podcast. Bookmark our alternative access methods in case this domain goes down.

Revolution Now

Tor Troubleshooting

Common issues with Tor hidden services and onion mirrors.

Hidden service not reachable from Tor Browser

You configured the hidden service but can't load it in Tor Browser:

Diagnose step by step
# 1. Check Tor daemon is running
sudo systemctl status tor

# 2. Check the hidden service directory was created
sudo ls -la /var/lib/tor/revnow_mirror/
# Should contain: hostname, hs_ed25519_public_key, hs_ed25519_secret_key

# 3. Read your .onion address
sudo cat /var/lib/tor/revnow_mirror/hostname

# 4. Check Tor logs for errors
sudo journalctl -u tor -n 50

# 5. Check the web server is listening on the right port
curl -s http://127.0.0.1:8181/ | head -5

# 6. Check torrc config is correct
sudo cat /etc/tor/torrc | grep -A2 HiddenService

Most common cause:nginx isn't running or isn't bound to the port specified in HiddenServicePort. The torrc line HiddenServicePort 80 127.0.0.1:8181 means Tor expects a service on 127.0.0.1:8181.

.onion address changed unexpectedly

Your .onion address is derived from your private key. If it changed:

  • The HiddenServiceDir was deleted or moved
  • File permissions changed and Tor created a new key
  • You pointed HiddenServiceDir to a different path
Fix (if you have a backup)
# Restore from backup
sudo cp hs_ed25519_secret_key /var/lib/tor/revnow_mirror/
sudo cp hs_ed25519_public_key /var/lib/tor/revnow_mirror/
sudo cp hostname /var/lib/tor/revnow_mirror/

# Fix ownership and permissions — critical!
sudo chown -R debian-tor:debian-tor /var/lib/tor/revnow_mirror/
sudo chmod 700 /var/lib/tor/revnow_mirror/
sudo chmod 600 /var/lib/tor/revnow_mirror/hs_ed25519_secret_key

# Restart Tor
sudo systemctl restart tor

If you don't have a backup of the private key, the old .onion address is permanently lost. This is why backing up the hidden service directory is critical.

Tor daemon won't start
Diagnose
# Check for config errors
tor --verify-config

# Common issues in torrc:
# - Typos in HiddenServiceDir path
# - Missing directories (Tor won't auto-create parent dirs)
# - Wrong permissions on /var/lib/tor/

# Check logs for specific error
sudo journalctl -u tor -n 100 --no-pager

# Fix permissions (most common cause)
sudo chown -R debian-tor:debian-tor /var/lib/tor/
sudo chmod 700 /var/lib/tor/revnow_mirror/
Extremely slow page loads via .onion

Some latency is normal — traffic traverses 6 relay hops. But if it's unusable:

  • Optimize the site for Tor. Reduce image sizes, minimize JS bundles, enable gzip compression in nginx.
  • Enable connection padding. This helps with circuit setup time.
  • Onion v3 is slower than v2 was. This is expected. V3 has stronger crypto.
Nginx optimization for Tor
server {
    listen 127.0.0.1:8181;

    # Enable gzip
    gzip on;
    gzip_types text/plain text/css application/javascript application/json;
    gzip_min_length 1000;

    # Cache headers for static assets
    location ~* \.(js|css|png|jpg|woff2?)$ {
        expires 7d;
        add_header Cache-Control "public, immutable";
    }
}
Server IP leaked through Tor

This is a critical security issue. If your server's real IP is exposed, you lose the anonymity protection of Tor.

Common leak vectors:

  • Nginx bound to 0.0.0.0 instead of 127.0.0.1 — the server is directly reachable
  • Error pages revealing server info — nginx's default error pages can leak the hostname/IP
  • DNS requests not going through Tor — if the server makes clearnet requests, it leaks its IP
  • SSH access from the same IP — correlates the .onion with a real IP
Hardening
# Ensure nginx ONLY listens on localhost
# In your server block:
listen 127.0.0.1:8181;  # NOT 0.0.0.0:8181 or just 8181

# Disable server tokens
server_tokens off;

# Custom error pages (don't leak nginx version)
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;

# Block direct IP access (if you have a public IP)
# Add a catch-all server block that returns nothing:
server {
    listen 80 default_server;
    return 444;  # nginx drops the connection
}
'Permission denied' errors in Tor logs

Tor needs very specific file permissions to function:

Fix permissions
# The tor user (usually debian-tor or tor) must own everything
sudo chown -R debian-tor:debian-tor /var/lib/tor/

# Hidden service dir must be 700 (owner-only access)
sudo chmod 700 /var/lib/tor/revnow_mirror/

# Secret key must be 600
sudo chmod 600 /var/lib/tor/revnow_mirror/hs_ed25519_secret_key

# Tor will refuse to start if permissions are too open
# This is a security feature — it prevents other users from reading your keys

Tor Setup Guide

Full installation walkthrough →

← All Troubleshooting

IPFS, Nostr, Arweave guides