contents.lr 3.95 KB
Newer Older
1
2
3
4
5
6
7
model: _question
---
title: V2 Onion Services Deprecation
---
seo_slug: v2-deprecation
---
description:
8
### How do I know if I'm using v2 or v3 onion services?
9
You can identify v3 onion addresses by their 56 character length, e.g. Tor Project's v2 address:`http://expyuzz4wqqyqhjn.onion/`, and Tor Project's v3 address: `http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/`
Antonela's avatar
Antonela committed
10

11
12
If you're an onion service administrator, you must upgrade to v3 onion services as soon as possible.
If you're a user, please ensure that you update your bookmarks to the website's v3 onion addresses.
Antonela's avatar
Antonela committed
13

14
15
16
### What is the timeline for the v2 deprecation?
In September 2020, Tor started warning onion service operators and clients that v2 will be deprecated and obsolete in version 0.4.6.
Tor Browser started warning users in June, 2021.
Antonela's avatar
Antonela committed
17

18
In July 2021, 0.4.6 Tor will no longer support v2 and support will be removed from the code base.
Antonela's avatar
Antonela committed
19
20
21

In October 2021, we will release new Tor client stable versions for all supported series that will disable v2.

22
You can read more in the Tor Project's blog post [Onion Service version 2 deprecation timeline](https://blog.torproject.org/v2-deprecation-timeline).
Antonela's avatar
Antonela committed
23

24
### Can I keep using my v2 onion address? Can I access my v2 onion after September? Is this a backward-incompatible change?
Antonela's avatar
Antonela committed
25

26
V2 onion addresses are fundamentally insecure. If you have a v2 onion, we recommend you migrate now.
27
This is a backward incompatible change: v2 onion services will not be reachable after September 2021.
Antonela's avatar
Antonela committed
28

29
### What is the recommendation for developers to migrate? Any tips on how to spread the new v3 addresses to people?
30

31
In torrc, to create a version 3 address, you simply need to create a new service just as you did your v2 service, with these two lines:
Antonela's avatar
Antonela committed
32

33
`HiddenServiceDir /full/path/to/your/new/v3/directory/`
Antonela's avatar
Antonela committed
34
35
`HiddenServicePort <virtual port> <target-address>:<target-port>`

36
37
The default version is now set to 3 so you don't need to explicitly set it.
Restart tor, and look on your directory for the new address.
Antonela's avatar
Antonela committed
38
39
40
41
42
43
If you wish to keep running your version 2 service until it is deprecated to provide a transition path to your users, add this line to the configuration block of your version 2 service:

`HiddenServiceVersion 2`

This will allow you to identify in your configuration file which one is which version.

44
If you have [Onion-Location](https://community.torproject.org/onion-services/advanced/onion-location/) configured on your website, you need to set the header with your new v3 address.
45
For technical documentation about running onion services, please read the [Onion Services](https://community.torproject.org/onion-services/) page in our Community portal.
Antonela's avatar
Antonela committed
46

47
48
### I didn't see the announcement, can I get more time to migrate?
No, v2 onion connections will start failing nowish, first slowly, then suddenly. It's time to move away.
Antonela's avatar
Antonela committed
49

50
51
### Will services start failing to be reached in September, or before already?
Already, introduction points are not in Tor 0.4.6 anymore, so they will not be reachable if relay operators update.
Antonela's avatar
Antonela committed
52

53
54
55
### As a website administrator, can I redirect users from my v2 onion to v3?
Yes, it will work until the v2 onion address is unreachable.
You may want to encourage users to update their bookmarks.
Antonela's avatar
Antonela committed
56

Gus's avatar
Gus committed
57
### Are v3 onion services going to help in mitigating DDoS problems?
58

59
60
61
Yes, we are continuously working on improving onion services security.
Some of the work we have in our roadmap is [ESTABLISH_INTRO Cell DoS Defense Extension](https://gitweb.torproject.org/torspec.git/tree/proposals/305-establish-intro-dos-defense-extention.txt), [Res tokens: Anonymous Credentials for Onion Service DoS Resilience](https://gitweb.torproject.org/torspec.git/tree/proposals/331-res-tokens-for-anti-dos.md), and [A First Take at PoW Over Introduction Circuits](https://gitweb.torproject.org/torspec.git/tree/proposals/327-pow-over-intro.txt).
For an overview about these proposals, read the detailed blog post [How to stop the onion denial (of service)](https://blog.torproject.org/stop-the-onion-denial).