Do you provide SecureDrop technical support or just hosting?

Hosting plus baseline configuration support during initial deployment. SecureDrop-application-level support is operator responsibility; the SecureDrop Project maintains an active community for that.

Can the Source Server be on a regular onion VPS?

Technically possible but discouraged. Our SecureDrop-tagged VPS ship with the hardening baseline by default.

How does GPG-encrypted submission storage protect against seizure?

Seized VPS yields encrypted disk plus ciphertext submission files. Without the newsroom's GPG private key, no plaintext can be recovered.

Are there alternatives to SecureDrop we should consider?

GlobaLeaks is the main alternative, lighter-weight. For organizations without dedicated security staff, OnionShare receive mode may be sufficient.

Tor Hosting

SecureDrop Source Server VPS Hosting

The SecureDrop Source Server is the public-facing Tor hidden service that accepts whistleblower submissions. AnubizHost provides VPS preconfigured for Source Server operation with the SecureDrop hardening guide baselines: LUKS, AppArmor, GPG-only submission storage, and Tor on unix socket. Choose Iceland or Romania for the hosting jurisdiction based on your threat-model priorities.

Need this done for your project?

We implement, you ship. Async, documented, done in days.

Start a Brief

Source Server Architecture

The Source Server runs the SecureDrop Source Interface as a v3 onion. Submissions arrive via Tor Browser, are immediately GPG-encrypted to the newsroom's public key, and are stored in submission_id.gpg files on encrypted disk. Plaintext never exists on the Source Server. This is the core security property that makes SecureDrop robust against server seizure.

VPS Hardening Baseline

Full-disk LUKS with passphrase entered at boot via SSH. Tor 0.4.8+ as v3 hidden service on unix socket. nginx bound to unix socket, no TCP listen. AppArmor profiles for tor, nginx, and the SecureDrop application. Outbound network restricted to Tor; no clearnet DNS. No SSH password auth; key-only over Tor.

Operator Responsibilities

Air-gapped Journalist Workstation at the newsroom premises. GPG key generation on the Workstation, public key import to the Source Server. Regular submission retrieval via airgap-bridge media. SecureDrop Project documentation covers the Workstation half exhaustively.

Jurisdiction Choice and Crypto Billing

Iceland or Romania. BTC and XMR. Multi-year commitments available.

Related Services

Offshore VPS from $17.90/mo Dedicated Servers DevOps Services

Why Anubiz Host

100% async — no calls, no meetings

Delivered in days, not weeks

Full documentation included

Production-grade from day one

Security-first approach

Post-delivery support included

Bulletproof Hosting Providers

DMCA-Ignored Servers

Offshore VPS Hosting

Anonymous Hosting Solutions

Ready to get started?

Skip the research. Tell us what you need, and we'll scope it, implement it, and hand it back — fully documented and production-ready.

Start a Brief Browse SecureDrop VPS