Whonix ®

Download

Windows Linux Mac VirtualBox KVM Qubes USB ISO (coming soon) More options Source Code

About

Overview Features Whonix vs VPNs Why Open Source? Project Activities Contributors Mission & Vision

Docs

Documentation FAQ Troubleshooting

Community

Forums Contribute

Support

Self Support First Policy Search Engines, Docs and AI Support (Limited) Reporting Bugs Contact (Restricted)

Tools Upload file Special pages Recent changes Print Version Page meta What links here Related changes Page information

Page Read Edit History Move Protection Unwatch Watch Delete Purge

User Preferences Watchlist Contributions Logout Create account Login

Donate

This wiki page documents how to connect to localhost from inside Whonix-Workstation. This might be useful for the use case of Hosting Location Hidden Services and Onion Services.

Local Connections[edit]

Local connections are often dysfunctional default. (Why?)

• Tor Browser cannot connect to localhost by default.
  • See chapter Local Connections on how to accomplish connections to localhost.
  • How to connect to 10.152.152.11 (Whonix-Workstation default internal IP address) using Tor Browser is undocumented, however unspecific to Whonix and should be researched as per Generic Bug Reproduction. This is because Whonix does not develop Tor Browser. Upstream, The Tor Project does.
  • If connecting to your very own server running in your own VM which is completely self-hosted, since there is no risk of browser fingerprinting, an easy workaround would be to use a browser other than Tor Browser such as for example Chromium.
• curl, scurl, wget might not be able to connect to localhost by default.
  • This is because these are wrapped by uwt by default for the purpose of stream isolation. See Deactivate uwt Stream Isolation Wrapper.
  • This is possibly no longer required thanks to the Whonix default /etc/tor/torsocks.conf configuration file which sets AllowOutboundLocalhost 1. ^[1]
• Whonix-Workstation Firewall might be interfering.
  • If that is suspected, consider (temporarily) disabling it. For higher security, this could be done while offline and inside a dedicated VM using for testing purposes only.

Why[edit]

Local connections are often dysfunctional default, because:

• most applications installed by default are pre-configured from a client (not server) perspective.
• These are pre-configured for Stream Isolation.

References[edit]

Whonix The most watertight privacy operating system in the world.

Dark mode

Follow us on social media

Supported by Power Up Privacy

Whonix is proudly supported until 2025 by Power Up Privacy, a privacy advocacy group that seeks to supercharge privacy projects with resources so they can complete their mission of making our world a better place. (Strictly subject to our sponsorship policy.)

At Whonix we value freedom and trust, supporting Open Source and Freedom Software

By using this website, you acknowledge you have read, understood, and agree to be bound by these agreements: Terms of Service, Privacy Policy, Cookie Policy, E-Sign Consent, DMCA, Imprint 2012- 2024 ENCRYPTED SUPPORT LP

Your support makes
all the difference!

We believe security software like Whonix needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!