My hidden service was getting a lot of DDOS attacks recently. It was firstly against Apache itself. I created a captcha system that doesn't spend much bandwidth even when under DDOS. Using OnionBalance to balance Tor instances between CPUs. My service is V3.
So recently the way of DDOS changed. My bandwidth usage is nearly at maximum but even after I stop Apache service it continues. I checked it with Nethogs and Tor is spending the bandwidth when Apache is running or not running.
HiddenServiceEnableIntroDoSDefense 1 HiddenServiceEnableIntroDoSRatePerSec 25 HiddenServiceEnableIntroDoSBurstPerSec 200
Using these settings with my hidden service but doesn't seem to be doing anything.
Is there something known to stop this with a configuration or is dedicating more bandwidth the only way? My server spends 800 Mbps of bandwidth even though nothing is served.
Thank you.