English 中文 Deutsch Español Français Nederlands Русский Svenska

I2P Anonymous Webserver

Guide to Anonymous Webserving on I2P

This is your own anonymous I2P webserver (traditionally referred to as an eepsite). To serve your own content, simply edit the files in the webserver's root directory and the site will be public once you follow the instructions below.

The webserver's root directory can be found in the following locations, depending on your operating system:

In I2P, hidden services are addressed using a 'key', which is represented as a long Base64 string. The 'key' is somewhat like an IP address, and is shown on the Hidden Service Configuration page.

The instructions below detail how to assign a name like "mysite.i2p" to your key and start up your website. You may reach your site locally via http://127.0.0.1:7658/.

How to set up and announce your hidden service website

Your website is stopped by default. After you start your I2P Webserver tunnel, it will be difficult for other people to find It can only be accessed with the long Base64 key or with the shorter Base32 address (.b32.i2p), which is a hash of the Base64 key. You could just tell people the long key or the Base32 address, but thankfully I2P has an address book and several easy ways to tell people about your website. Here are detailed instructions.

Virtual folders work, so you may host files from a subdirectory without explicitly needing to provide a page with links to files. You can change the appearance of the directory listing by supplying an edited jetty-dir.css file for each of the directories you are serving, demonstrated here. The resources sub-directory (containing filetype images for the directory listing) reverts to the default style. If you need a template for a basic site, feel free to borrow and adapt this page and content!

If you're returned to this page after editing the content, try clearing your browser's web cache:

Register your own I2P Domain

Now it's time to add your website to an I2P address book hosted by a site such as stats.i2p or no.i2p. That is, you must enter your website name and key into a web interface on one or more of these sites. Here is the key entry form at stats.i2p. Your key is the entire "Local destination" key on the Hidden Service Configuration page. Be sure you copy the whole thing. Don't forget to click "add a key". Check to see if it reports the key was added. Since many routers periodically get address book updates from these sites, within several hours others will be able to find your website by simply typing something.i2p into their browser.

Adding Addressbook Subscriptions

Speaking of address book updates, this would be a good time to add some more addressbooks to your own subscription list. Go to your Subscriptions Configuration page and add one or more for an automatically updated list of new hosts:

If you are in a hurry and can't wait a few hours, you can tell people to use a "jump" address helper redirection service. This will work within a few minutes of your entering the key to an address book on the same site. Test it yourself first by entering http://stats.i2p/cgi-bin/jump.cgi?a=something.i2p into your browser. Once it's working, you can tell others to use it.

Some people check website lists such as Identiguy's eepsite status list or no.i2p's active host list for new eepsites, so your site may start getting some traffic. There are plenty of other ways to tell people. Here are a few ideas:

Note that some sites recommend pasting in that really long destination key. You can if you want, but if you have successfully posted your key at an add-key service, tested it using a jump service, and waited 24 hours for the address book update to propagate to others, that shouldn't be necessary.

Using an alternative webserver to host your site

This site (and the I2P router console) is running on the Jetty webserver, but you may wish to use a different webserver to host your content. To maintain anonymity, be sure that your webserver is configured to only allow connections from localhost (127.0.0.1), and check the documentation to ensure your webserver isn't advertising details that may compromise your anonymity.

To configure your webserver for use on I2P, you may either use the existing webserver tunnel and disable the default webserver from running, or create a new HTTP Server tunnel in the Hidden Services Manager. Ensure that the listening port configured for the webserver (7658 by default) is also configured in the Hidden Services webserver settings. For example, if your webserver is listening by default on address 127.0.0.1 port 80, you'd need to also ensure that the Target port in the Hidden Service Manager settings page for the service is also configured to port 80.

Beware that a poorly configured webserver or web appplication can leak potentially compromising information such as your real IP address or server details that may reduce your anonymity or assist a hacker. We recommend using the default server unless you feel comfortable doing server administration. The following may help:

Further Assistance

If you have any questions, the following places are available for support:

This page, the project website and the router console need translations! Please help the project grow by getting involved or translating.