I got a wild hair up my ass, as one does, to serve this blog over tor as well as over the clearnet. There is really nothing to it, but in the process of setting it up, I was forced to address some of the warts in the design of this blog; namely, that my Korean font was making this site very heavy for slow connections. Tor Browser, as far as I can tell, doesn’t cache anything, and so navigating this blog becomes extremely sluggish having to re-transfer a 14MB font file every time! I’ll go over how to set up an onion site and what I did to make this site work better when accessed over a slow connection.

serving an onion site alongside an ordinary web site

The Tor Projoct already has a simple guide about how to set up an onion site. The gist is this:

1. install tor

2. uncomment the appropriate lines in the torrc config file

3. restart tor and check what your hostname is

It is pretty straightforward. Of course, you need to have a working web server for the site to be accessible. In my case, I already had Apache serving this blog over the web, so in order to allow people to access it using an onion address all I had to do was define a ServerAlias in the Virtual Host config:

<VirtualHost *:80>

    -- snip --
    
    ServerName giraffleur.org
    ServerAlias wh62u2q2lmdhqu2moprye637d6ejbgaadlzfnvjyhxbvy3zrpoq7x3qd.onion
    DocumentRoot /var/www/giraffleur.org
    
    -- snip --
    
RewriteEngine on
RewriteCond %{SERVER_NAME} =giraffleur.org
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

The ServerAlias is added to the VirtualHost config that is listening on the unsecured port (80). We add the alias here rather than the SSL-enabled VirtualHost config because onion sites do not use SSL certificates to secure connections. It is enough to just let Apache know that anyone trying to access that onion site should be served the content in the DocumentRoot specified. It is that simple. Of course, backup the private keys that tor generates for your onion site.

lightening the load for tor users

As I was browsing around my onion blog, I realized that it was annoyingly slow. Tor is ordinarily a bit slower anyway, but this felt like unnecessary drag. The culprit was the Source Han Sans font I use here, which is a single woff file weighing about 14MB. So I had a few options.

Just don’t serve CJK fonts

Why not just use the fonts people already have on their computers? I know some people always block remote fonts (I used to do this also). The problem with this is that getting CJK text to flow well with Latin text is tricky. Not serving a CJK font makes it very likely that the typography of pages that mix Latin and CJK scripts will completely break. If you want to block fonts intentionally, then that is one thing, but breaking the display for those who don’t block fonts feels wrong.

Load only the glyphs needed to render a given page

I used to do this when I used Plex on this site. In fact, using split woffs of IBM Plex Sans KR dramatically reduces the total amount of data transfered on first load. Somehow, though, it also makes it lag more than it seems like it should for being such a small transfer. I am guessing that this has to do with client-side processing of the rather long css file declaring @font-face definitions for specific ranges of glyphs. There may be ways to optimize this processing to prevent this annoying lag, but I didn’t want to go down that rabbit hole today.

Use a lighter font

The obvious choice would be to use a font that is more lightweight. Most Latin woff files range in the tens of kilobytes, but Korean fonts, having tens of thousands of glyphs, are in the range of megabytes (an not uncommonly in the tens of megabytes, if not more!). Browsing for a new font is hard; it’s hard to find a font that looks good itself, works with the other fonts I’m already using, and doesn’t weigh a ton.

I got lucky, however, and realized that there was an even more efficient way to serve Source Han Sans on my site. The font is broken up so that you can optionally use just the Korean sets, or the Chinese sets, which is what I had been doing. But I discovered that they have even smaller variable font files that are region-specific. The region-specific woff for Korean weighs in at just 3.6MB, which is still sizeable, but considerably smaller than the version I used previously.

Using this new woff makes the site load quicker on first visit over the web (after which it loads instantly since the font is cached), and even in Tor Browser the loading times are decent. It is not snappy in Tor, but nothing ever is. That is part of the trade-off to achieve some degree of anonymity online.