I know there was a ddos attack a while back, but it would be nice to access and be able to log in to this site again using Tails/Tor without giving location away. Using a VPN after Tor on Tails is a security risk and is difficult to figure out how to install on Tails for most people. Beginning with it’s creation and right up to the attack, Tor exit nodes weren’t blocked. Now they still are. Opening it up again might increase the userbase. Using sites like proxysite.com via Tor only works to read posts here about 1 out of 10 attempts and never allows log ins here.
The site is still being attacked. Biggest issue is the lemmy-ui crashing under the load, the server itself could just about handle it. I’ve talked to Digilol who I’ll likely hire to move town to a new server and set up proper .onion support but the current server is still pre-paid for 200 more days and even after the move it’s still possible that the lemmy-ui would go down anyways :/
Did you try to setup caching? That could reduce server load a lot.
https://github.com/LemmyNet/lemmy-ansible/issues/195
Is this on by default after v1.5.0?
If you install with ansible it should be included by default. You can check if your nginx config contains the cache lines. There is also a line you can uncomment to see the cache status with each request.
https://github.com/LemmyNet/lemmy-ansible/blob/main/templates/nginx.conf#L71
I’ll have a look, thank you!
Have you considered trying another frontend instead of lemmy-ui?
I’ve looked into alexandrite and photon before but to be honest, the install is quite messy since I didn’t really know what I was doing back then. Makes it pretty hard to figure out how to properly set these up and I’d rather start over on a new server.
Tor introduced native DDoS protection for onion services using a transparent Proof-of-Work defense over a year ago: https://blog.torproject.org/introducing-proof-of-work-defense-for-onion-services/
You should strongly consider making the switch and turning on this feature. I was very surprised to find that this instance was being Cloudflare blocked. Maybe we could help with funding if needed.
The DDoS comes from exit nodes via clearnet so Tor PoW doesn’t work, most likely there will be a total server migration at some point that adds tor support with pow and a tor friendly frontend.
Yes. I think what I wanted to say is you can set up Tor PoW for an onion in addition to currently using Cloudflare for clearnet, but sounds like that will be part of the server migration rather than happening now. Thanks for the response.
Thanks for the update. https://lemmy.cafe/c/monero doesn’t block Tor, but no one ever posts there except rottenwheel.