[tor-onions] Question about preventing DDOS

froggo at secmail.pro froggo at secmail.pro
Thu Aug 13 22:56:18 UTC 2020

My hidden service was getting a lot of DDOS attacks recently. It was
firstly against Apache itself. I created a captcha system that doesn't
spend much bandwidth even when under DDOS. Using OnionBalance to balance
Tor instances between CPUs. My service is V3.

So recently the way of DDOS changed. My bandwidth usage is nearly at
maximum but even after I stop Apache service it continues. I checked it
with Nethogs and Tor is spending the bandwidth when Apache is running or
not running.

HiddenServiceEnableIntroDoSDefense 1
HiddenServiceEnableIntroDoSRatePerSec 25
HiddenServiceEnableIntroDoSBurstPerSec 200

Using these settings with my hidden service but doesn't seem to be doing

Is there something known to stop this with a configuration or is
dedicating more bandwidth the only way? My server spends 800 Mbps of
bandwidth even though nothing is served.

Thank you.

More information about the tor-onions mailing list