The Whonix website takes an individual's privacy seriously and collects as little information as possible. IP logs are disabled. If events such as spamming or abuse become widespread, then it may be necessary to re-enable IP logging. In all years of Whonix website's operation this was never the case.
In any case, it is recommended to visit this website using either Tor Browser in Whonix or the Tor Browser Bundle.
|Valid SSL Certificate||Yes|
|HTTPS Everywhere  Inclusion||Yes |
|Passed Qualys SSL LABS  SSL Server Test :||Yes, A+ rating. |
|HSTS ||Yes |
|HSTS Preloading List     ||Yes   |
|Certificate Authority (CA) Pinning||obsolete |
|HTTP Public Key Pinning||obsolete |
|DNS Certification Authority Authorization (CAA) Policy||Yes|
|Expect-CT header ||Yes|
|Flagged Revisions ||Yes, admins must verify changes before they become the default version.|
|Secondary .onion Domain ||Yes  |
|Content Security Policy (CSP)||Yes, A Rating.    |
If users have any further suggestions, please edit this entry or discuss possible changes in the Whonix forums.
curl -i https://whonix.org
- Requested. Will propagate to Chrome, Firefox and Tor Browser.
- Optional Tor onion service (.onion domain); alternative end-to-end encrypted/authenticated connection; in this use case, not for location privacy; backup in case DNS is not functional
- See also Forcing .onion on Whonix.org.
Comments will be deleted after some time. Specifically after comments have been addressed in form of wiki enhancements. See Wiki Comments Policy.
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.
Whonix is provided by ENCRYPTED SUPPORT LP. See Imprint.