• caglararli@hotmail.com
  • 05386281520

How do you rate limit bruteforce attempts on a Tor hidden service?

Çağlar Arlı      -    15 Views

How do you rate limit bruteforce attempts on a Tor hidden service?

I'm considering the feasibility of a .onion domain for my website to cater to privacy conscious users.

Actions that occur before there's a known UserID (eg. login page) need to have a bounded number of attempts to prevent bruteforce attacks.

How do you effectively rate limit unauthenticated users on Tor to prevent bruteforce attacks?