Jump to: navigation, search

Forcing .onion on Whonix.org

This page contains changes which are not marked for translation.

Other languages:

To do this, simply follow these links below to browse the Whonix main page, homepage, forums, download page, phabricator site, or the Whonix Debian repository:

Once a user rule is configured (see below), using Whonix .onion addresses is easy and seamless.


  • The user must have Tor Browser installed, which is the default in Whonix.


HTTPS Everywhere is a very clever tool created by developers at the EFF. It automatically forces encrypted communications (HTTPS) on many major websites (where it is offered), preventing the user from browsing the HTTP (insecure) version. However, HTTPS Everywhere supports user rules, and it is not limited to HTTP(S). This means the user can configure it to rewrite requests from the .org extension to .onion domains instead! [1]

Adding User Rules[edit]

Locate the directory "HTTPSEverywhereUserRules". It should be named something similar to /home/user/.tb/tor-browser/Browser/TorBrowser/Data/Browser/profile.default/HTTPSEverywhereUserRules/.

Create a new file called WhonixOnion.xml.

Open /home/user/.tb/tor-browser/Data/Browser/profile.default/HTTPSEverywhereUserRules/WhonixOnion.xml in an editor.

If you are using a graphical environment, run.

kwrite /home/user/.tb/tor-browser/Data/Browser/profile.default/HTTPSEverywhereUserRules/WhonixOnion.xml

If you are using a terminal (Konsole), run.

nano /home/user/.tb/tor-browser/Data/Browser/profile.default/HTTPSEverywhereUserRules/WhonixOnion.xml

And paste.

<ruleset name="Whonix Onion">
  <target host="whonix.org" />
  <target host="www.whonix.org" />
  <target host="phabricator.whonix.org" />
  <target host="forums.whonix.org" />
  <target host="download.whonix.org" />
  <target host="deb.whonix.org" />
  <rule from="^https?://(.*\.?)whonix\.org/" to="http://$1kkkkkkkkkk63ava6.onion/"/>

(Re)Start Tor Browser[edit]

After installing the user rule, start or restart Tor browser. When navigating to www.whonix.org, HTTPS Everywhere will automatically engage and instead send the user to kkkkkkkkkk63ava6.onion. To disable this functionality, disable the ruleset using the HTTPS Everywhere icon in the upper right of the browser window, or simply delete the file.

Happy browsing!

Other Rules[edit]

For other similar rules, check the Darkweb Everywhere resource.


  1. Because of the way most popular webapps are written, they expect to be at one location, for example whonix.org/blog, and not at multiple locations. That is why this workaround is needed. https://forums.whonix.org/t/whonix-blog-inaccessible-through-hidden-service

Random News:

Did you know that Whonix could provide protection against backdoors? See Verifiable Builds. Help is wanted and welcomed.

Impressum | Datenschutz | Haftungsausschluss

https | (forcing) onion
Share: Twitter | Facebook | Google+

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.

Whonix (g+) is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Libre Software license as Whonix itself. (Why?)