[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] Putting onion services behind a third-party TCP proxy



Hi all,

When deploying an onion service, I noticed some problem that the ip address of my machine that runs tor daemon is exposed to the Tor network which is vulnerable to the DDoS attack if someone knows my ip address.

So I'm thinking putting the tor daemon behind some third party TCP proxy that will protect me from this kind of DDoS attack.

What do you think if I want to implement a feature that forward all the onion service traffic to the TCP proxy before going to the Tor network?

The protocol that I'm thinking is TCP Proxy Protocol [1]

[1] https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev