[tor-dev] Faravahar Directory + reverse proxy

SiNA Rabbani sina at redteam.io
Wed May 16 08:01:39 UTC 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Last week I experimented with OpenSSL 1.0.1c and saw a huge increase
in traffic. Unfortunately, my hardware was not up to the task and I
started seeing timeouts and other errors.

I have decided to replace the server with a much beefier one in the
very near future. Meanwhile, I installed nginx as a reverse proxy on
the Directory Port.

nginx config:

server {
    listen       154.35.32.5:80;
    server_name  _;

    location / {
                 proxy_pass        http://154.35.32.5:81;
        }
}


Tor:
DirPort 80
DirListenAddress 154.35.32.5:81


It was very easy and nice to configure Tor Directory behind a reverse
proxy. The DirListenAddress came super handy!! Nice design.

Currently the directory port is responding blazing fast:
http://faravahar.rabbani.jp/tor/status/all.z

Can someone poke at the directory port and let me know if they can
find any issue with serving Tor in this fashion?

If this works fine, I will try to configure the directory port on a
fancy DDoS mitigation gear next.

All the best,
SiNA

- -- 
First they ignore you, then they laugh at you, then they fight you,
then you win ~ Mahatma Gandhi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJPs17iAAoJEJPBwXYLR9VtSvgP/3X77PZCF9yv2MGHuWwkyIDM
1Xye/A4Q5Vnm1ZekNpzsXHK0jNsl0FWKS0/zzx9zkokzeHbwN+CG7Y5jYJBdIbvP
DL81Q5VDjsR8tS6MOcEHK+DqnHPpKSSNf2FYCeX9KAstumim+PTV7G84I+0sq4ZL
7B/o43XEuGA3518oLM0v1QcHW+gn58vmpgw0Xh74iv+9EKCCrEY3OJImhXp3tuoe
xoM3R9mdcI87uafU/ZyToPO/sAO7f/A3yZXjvMY9XKCLEXMpSqDgrKx3Xt+AeJVs
2qtBfamiT76hpH9kv8429iP3LzJJfWUZvOl5dgziMg6GaD07KKHKFqyN9KYR/7RQ
k/Gm0yQcECGxzyBRVxYIAIQFWOpK7c1/Sa9Mn4VNlzqAflYTbJrf47YDfX7vlFE0
giILtLvjcOK4fkv0OD1bTo+pFbY62WXAoZ3VwWu9jEBkgYAvdD55WWyg/zYJCKLi
aSCy8f1VszPU9dciSN4JjgPU+zXvY/Zzkui2r4Y5IduVjI0h4FhTyVUETrqJj8Rt
eyhfyWYONoGurSPH/LUwlfsI8T4ertZCKv9kLOl7AkOoDIrbj0XUf1mhZyjGz5H7
cN3y0q8iy87InH8udIndAUVRwYTysAHiHvZ5ycbB4OcNMK1JlC6RL3hJx64rNbob
hpYatE88b/E9vlZENF8q
=SepB
-----END PGP SIGNATURE-----


More information about the tor-dev mailing list