Unless there is some new feature in the Tor demon to deep inspect new connections, all of the subdomain functionality happens at the HTTP level and so you will need to block that at your reverse proxy..

Connections over Tor are analogous to TCP connections, and the subdomains are ignored. For more on how this works, here's a video I did:

https://www.youtube.com/watch?v=pebRZyg_bh8

... I would recommend that you start at about 11:40.

- Alec

On Fri, 4 Aug 2023, 12:45 shruub via tor-onions, <tor-onions@lists.torproject.org> wrote:

Hi,
as one of my hidden service's subdomains is currently being dos-ed, I
would like to know if there is any way to disable the tor daemon just
passing through all requests. I could also tell my reverse proxy to send
a HTTP 444, but this is a little inconvinient. Afaik, the subdomain
functionality isn't official, but I thought it could maybe still be
possible.

Best,
shruub

_______________________________________________
tor-onions mailing list
tor-onions@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions