The Tin Hat

Privacy Focused Blog Platform

25 February 2015
A 3 Minute Read

Support The Tin Hat on Patreon! Just one dollar makes all the difference in helping me write more content!

Throughout the life of this site I’ve searched for tools which allow me to implement features you’d find on other sites, but without compromising user privacy. Generally the way to ensure privacy is to use self-hosted services, which also happens to be ideal for use on anonymization networks like Tor and I2P as it limits external requests. I might write a longer tutorial on this later, but I thought I’d run down the blog platform I’ve slowly pieced together over time.

WebServer: Nginx

Nginx is a great, simple, performant webserver for sites that don’t need a thousand bells and whistles (cough apache cough). It uses barely any resources and can be thrown on even the smallest of servers. If you’re setting up a hidden service that isn’t the next Facebook, I’d highly recommend Nginx

Analytics: Piwik

Google Analytics is a powerful tool, though its also ubiquitous. Therefore, if it were only used on a single site there wouldn’t be much of an issue, however the fact that it is used on many sites means that Google can follow users around the internet. Moreover, because it’s externally hosted it won’t work very well on I2P.

Piwik is a great open source alternative. Piwik has not only many of the features that Google Analytics has, but also the ability to anonymize IP addresses. This means that should your server get compromised any user information would be effectively useless. That’s not to say that the analytics are useless, simply that it can be configured that the data is detailed enough for site-metrics, but generalized enough not to pinpoint any users. Lastly, because Piwik is self-hosted it works great with Tor and I2P, as no external requests need to be made.

Meant for sites that are on clear-net, or have additional access through hidden services. Piwik on purely hidden service doesn’t work well.

Comments: Isso

Isso is something that I just discovered recently, and so far I like what I see. Essentially Isso is a python-based comment platform similar to Disqus, insofar that adding comments to a webpage is as simple as pasting a bit of HTML and Javascript (though there’s a wee bit of backend work you need to do). Admittedly it is quite a bit more barebones than Disqus in terms of feature-sets, but it also doesn’t embedd Google Analytics like Disqus does, and allows you to keep all the data safe on your own server. Like Piwik, because there are no external requests it functions great on hidden services.

Content Management System: Jekyll

Wordpress is both ugly and constantly under attack. If you don’t keep it updated you’re going to get owned. That’s why static site generators like Jekyll have been making quite the splash. Not only does Jekyll lack all the security holes that Wordpress or Drupal have, but it’s also significantly faster. This is because rather than generating your site server-side and on-the-fly, Jekyll works by building your site into static HTML files, which you can then upload to your server.

Jekyll is built for blogs, and uses Ruby to turn posts written in Markdown into static HTML pages based on a template. It supports pagination and a whole slew of other features that can be customized for a very tailored website. Jekyll can also be integrated such that it only operates on a small section of a website (such as how it’s implemented on this site), but can keep other specific areas updated as well (such as a homepage). Jekyll also has plugins to minify HTML, create archives, build RSS feeds, and much much more. I’d highly recommend it for any blog, especially one that might be hosted on Tor or I2P.

What Else?

I’m always searching for new tools like Isso and Jekyll, so if you know of some post it in the comments below!


For a VPN and cloud hosting, try NordVPN and Digital Ocean.
Show some love by signing up using my affiliate links:
Or support me directly on Patreon

Help Me Out: Share, Follow, & Comment

Latest Posts

What is Device Fingerprinting?

Learn what browser fingerprinting is and how it canb e used to track you online.

How To Torrent Privately & Anonymously For Free

Learn the pros and cons of using a VPN to torrent, as well as how to use I2P to anonymously torrent for free!

VPN Drop Protection Using Simple Linux Firewall Rules

Learn how to protect against your VPN dropping using these simply Linux firewall rules

Ledger Nano S Review | Why You Need a Bitcoin Hardware Wallet

A review of the Ledger Nano S, and an explanation of why hardware wallets just make life better when using Bitcoin

What is Two Factor Authentication (2FA) And Why Use It?

What 2FA is, why you should use it, and why we need FIDO U2F.

Support The Tin Hat on Patreon!

The Tin Hat now has a few more ways to support the site.

What is a hash?

A simple explanation of what hashing is, and how hashes are used.

Trump's Toolbox | Future Attribute Screening Technology

FAST is a program that attempts to wirelessly detect whether youre a terrorist, and its in Trump's back pocket.

uBlock Origin, The Best AdBlock Alternative

For AdBlock (Plus) alternatives, look no further than uBlock Origin. This tutorial explains why, and how, you should use it.

I2P Browser Setup Tutorial | Using The Tor Browser For I2P

Learn how to browse I2P using the Tor Browser with this short guide

Privacy On Android | 2017 Android Privacy Guide

A tutorial on how to build privacy on your Android device. Learn what you need to do to stay safe and secure.

New I2P Portal For TheTinHat

TheTinHat has moved to a new server, with a new I2P hidden service to accompany it.

Rebranding 'The Dark Net'

Disassociating decentralized networks with the term 'darknets'.

In Defense of Browser-Based Email Encryption

Why I've reversed my opinion on Protonmail and Tutanota

Privacy Focused Blog Platform

A rundown of the tools I use to power my blog, hidden services.

A Lighter-weight Firefox

How I've set up a lightweight, yet still private browser.