this post was submitted on 19 Nov 2024
11 points (92.3% liked)

Monero

1686 readers
47 users here now

This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.

GitHub

StackExchange

Twitter

Wallets

Desktop (CLI, GUI)

Desktop (Feather)

Mac & Linux (Cake Wallet)

Web (MyMonero)

Android (Monerujo)

Android (MyMonero)

Android (Cake Wallet) / (Monero.com)

Android (Stack Wallet)

iOS (MyMonero)

iOS (Cake Wallet) / (Monero.com)

iOS (Stack Wallet)

iOS (Edge Wallet)

Instance tags for discoverability:

Monero, XMR, crypto, cryptocurrency

founded 1 year ago
MODERATORS
 

I know there was a ddos attack a while back, but it would be nice to access and be able to log in to this site again using Tails/Tor without giving location away. Using a VPN after Tor on Tails is a security risk and is difficult to figure out how to install on Tails for most people. Beginning with it's creation and right up to the attack, Tor exit nodes weren't blocked. Now they still are. Opening it up again might increase the userbase. Using sites like proxysite.com via Tor only works to read posts here about 1 out of 10 attempts and never allows log ins here.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 8 points 4 days ago (4 children)

The site is still being attacked. Biggest issue is the lemmy-ui crashing under the load, the server itself could just about handle it. I've talked to Digilol who I'll likely hire to move town to a new server and set up proper .onion support but the current server is still pre-paid for 200 more days and even after the move it's still possible that the lemmy-ui would go down anyways :/

[–] [email protected] 1 points 2 days ago (1 children)

Tor introduced native DDoS protection for onion services using a transparent Proof-of-Work defense over a year ago: https://blog.torproject.org/introducing-proof-of-work-defense-for-onion-services/

You should strongly consider making the switch and turning on this feature. I was very surprised to find that this instance was being Cloudflare blocked. Maybe we could help with funding if needed.

[–] [email protected] 2 points 1 day ago (1 children)

The DDoS comes from exit nodes via clearnet so Tor PoW doesn't work, most likely there will be a total server migration at some point that adds tor support with pow and a tor friendly frontend.

[–] [email protected] 2 points 1 day ago

Yes. I think what I wanted to say is you can set up Tor PoW for an onion in addition to currently using Cloudflare for clearnet, but sounds like that will be part of the server migration rather than happening now. Thanks for the response.

[–] [email protected] 2 points 3 days ago

Thanks for the update. https://lemmy.cafe/c/monero doesn't block Tor, but no one ever posts there except rottenwheel.

[–] [email protected] 3 points 4 days ago (1 children)

Did you try to setup caching? That could reduce server load a lot.

https://github.com/LemmyNet/lemmy-ansible/issues/195

[–] [email protected] 2 points 4 days ago (1 children)

Is this on by default after v1.5.0?

[–] [email protected] 2 points 4 days ago (1 children)

If you install with ansible it should be included by default. You can check if your nginx config contains the cache lines. There is also a line you can uncomment to see the cache status with each request.

https://github.com/LemmyNet/lemmy-ansible/blob/main/templates/nginx.conf#L71

[–] [email protected] 2 points 4 days ago

I'll have a look, thank you!

[–] [email protected] 2 points 4 days ago (1 children)

Have you considered trying another frontend instead of lemmy-ui?

[–] [email protected] 3 points 4 days ago

I've looked into alexandrite and photon before but to be honest, the install is quite messy since I didn't really know what I was doing back then. Makes it pretty hard to figure out how to properly set these up and I'd rather start over on a new server.