Which configuration file do I change in Apache to run it through Tor? I know you use:
Listen 127.0.0.1:8080;
Server_name 127.0.0.1:8080;
I think, but I don't have much experience with web hosting, I know how to use Linux, but a little new to this area and I also heard that Apache can leak out info, any one have any documentation I may read or give some help on preventing that?
Apache doesn't run through Tor. It is a service that listens on the ip address(es) and port(s) you specify in its config file. If you want to configure Apache to host only hidden services, then you limit your listening IP address to 127.0.0.1:
Listen 127.0.0.1:80
After that, in the VirtualHost block, you put the onion address in the ServerName. For example:
ServerName ctygdx55hgoleuht.onion
and you assign to DocumentRoot the public html folder of your onion site.
Don't forget to configure your hidden service(s) in your torrc file, and specify 127.0.0.1, not the server real IP, in HiddenServicePort there. For example:
HiddenServiceDir /path/to/hidden/service/private/key/dir
HiddenServicePort 80 127.0.0.1:80
Read this page for more information about this topic.
Another important step is to minimize/stop your Apache leakage of webserver info that makes it identifiable. Edit /etc/apache2/conf.d/security by adding/modifying two parameters like the following:
ServerTokens Prod
ServerSignature Off
