English 中文 Deutsch Español Français فارسی 日本語 Nederlands Русский Svenska

I2P Anonymous Webserver

Quick Guide to Anonymous Webserving on I2P

This is your own anonymous I2P webserver ("eepsite"). To serve your own content, simply edit the files in the webserver's root directory and they'll be reachable by others once you follow the instructions below.

The webserver's root directory can be found in the following location:

In I2P, hidden services are addressed using a 'key', which is represented as a really long Base64 string. (The 'key' is somewhat analogous to an IP address, and is shown on the Hidden Service Configuration page).

The instructions below detail how to assign a name like "mysite.i2p" to your key and start up your website. You can reach your site locally via http://127.0.0.1:7658/.

How to set up and announce your hidden service website

Your website is stopped by default. After you start it, it will be difficult for other people to find because it doesn't have a name and they don't have your really long Base64 key. You could just tell people that really long key, but thankfully I2P has an address book and several easy ways to tell people about your website. Here's detailed instructions.

Virtual folders work, so you can host files from a sub directory without explicitly needing to provide a page with links to files. You can change the appearance of the directory listing by supplying an edited jetty-dir.css file for each of the directories you are serving, demonstrated here. The resources sub-directory (containing filetype images for the directory listing) reverts to the default style. If you need a template for a basic site, feel free to borrow and adapt this page and content!

If you're returned to this page after editing the content, try clearing your browser's web cache:

Register your own .I2P Domain

Now it's time to add your website to an I2P address book hosted by a site such as stats.i2p or no.i2p. That is, you must enter your website name and key into a web interface on one or more of these sites. Here is the key entry form at stats.i2p. Again, your key is the entire "Local destination" key on the Hidden Service Configuration page. Be sure you get the whole thing. Don't forget to click "add a key". Check to see if it reports the key was added. Since many routers periodically get address book updates from these sites, within several hours others will be able to find your website by simply typing something.i2p into their browser.

Adding Addressbook Subscriptions

Speaking of address book updates, this would be a good time to add some more addressbooks to your own subscription list. Go to your Subscriptions Configuration page and add a couple of these for an automatically updated list of new hosts:

If you are in a hurry and can't wait a few hours, you can tell people to use a "jump" address helper redirection service. This will work within a few minutes of your entering the key to an address book on the same site. Test it yourself first by entering http://stats.i2p/cgi-bin/jump.cgi?a=something.i2p or http://i2host.i2p/cgi-bin/i2hostjump?something.i2p into your browser. Once it's working, you can tell others to use it.

Some people check website lists such as Identiguy's eepsite status list or no.i2p's active host list for new eepsites, so you may start getting a few visitors. But there are plenty of other ways to tell people. Here are a few ideas:

Note that some sites recommend pasting in that really long destination key. You can if you want - but if you have successfully posted your key at an add-key service, tested it using a jump service, and waited 24 hours for the address book update to propagate to others, that shouldn't be necessary.

Using an alternative webserver to host your site

This site (and the I2P router console) is running on the Jetty webserver, but you may want to use a different webserver to host your content. To maintain anonymity, be sure that your webserver is configured to only allow connections from localhost (127.0.0.1), and check the documentation to ensure your webserver isn't advertising details that may compromise your anonymity.

To configure your webserver for use on I2P, you can either use the existing webserver tunnel and disable the default webserver from running, or create a new HTTP Server tunnel in the Hidden Services Manager. Whatever you choose, you need to make sure the listening port configured for the webserver (7658 by default for the I2P webserver Jetty instance) is also configured in the Hidden Services Webserver settings. So, for example if your webserver is listening by default on address 127.0.0.1 port 80, you'd need to also ensure that the Target port in the Hidden Service Manager settings page for the service is also configured to port 80.

Please be aware that a poorly configured webserver or web appplication can leak potentially compromising information such as your real ip address or server details that may reduce your anonymity or assist a hacker, which is why it's recommended to use the default server until you're up to speed on securing your alternative server and any webapps you may be running, for which there are many guides on the internet. The following may be of help:

Further Assistance

If you have any questions, the following places are available for support:

Note: This page, the website and the console all need translating into YOUR language if it's not already been done or in progress. Please consider helping the project grow by volunteering your time to translate. Contact the project via the IRC channel listed above. Thanks in advance!
Document last edited: July 2016.