Default Settings in Apache May Decloak Tor Hidden Services

55

Websites that rely on the Tor anonymity service to cloak their server address may be leaking their geographic location and other sensitive information thanks to a setting that’s turned on by default in many releases of Apache, the world’s most widely used Web server.

The information leak has long been known to careful administrators who take the time to read Tor documentation, but that hasn’t prevented some Tor hidden services from falling victim to it. 

Read more at Ars Technica