[tor-onions] Question about preventing DDOS
froggo at secmail.pro
froggo at secmail.pro
Thu Aug 13 22:56:18 UTC 2020
My hidden service was getting a lot of DDOS attacks recently. It was
firstly against Apache itself. I created a captcha system that doesn't
spend much bandwidth even when under DDOS. Using OnionBalance to balance
Tor instances between CPUs. My service is V3.
So recently the way of DDOS changed. My bandwidth usage is nearly at
maximum but even after I stop Apache service it continues. I checked it
with Nethogs and Tor is spending the bandwidth when Apache is running or
not running.
HiddenServiceEnableIntroDoSDefense 1
HiddenServiceEnableIntroDoSRatePerSec 25
HiddenServiceEnableIntroDoSBurstPerSec 200
Using these settings with my hidden service but doesn't seem to be doing
anything.
Is there something known to stop this with a configuration or is
dedicating more bandwidth the only way? My server spends 800 Mbps of
bandwidth even though nothing is served.
Thank you.
More information about the tor-onions
mailing list