[Security] Deny access to all tpo onion sites if request sent from Tor2Web services
Such as https://ea5faa5po25cf7fb[.]onion[.]best/
if ($http_x_tor2web) { return 403; }
Useful info:
Actual header: https://github.com/globaleaks/Tor2web/commit/552eedd12942911675365d0c5d8b06b964b8e0b0 (Info)Why T2W is bad: https://www.bentasker.co.uk/blog/security/346-don-t-use-web2tor (Client)Remove T2W domain from request: https://addons.mozilla.org/en-US/firefox/addon/healthyonions/