Public IP Addresses of Tor Sites Exposed via SSL Certificates
September 4, 2018
https://www.bleepingcomputer.com/ne...es-of-tor-sites-exposed-via-ssl-certificates/
In order to protect a site from being exposed in this manner, it's quite simple according to the researcher. "They should only listen on 127.0.0.1." Better yet, they should only listen on a unix socket if running under Linux...
Yeah, this is one of the ways that SR1 got pwned. Apache error messages on 0.0.0.0. Gotta watch out for that 0.0.0.0 (aka every available interface) binding! It's all too common as default. Because, you know, it just works.
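
An added example, not part of the thread or the linked article: a Linux check for the wildcard binding discussed above, which parses text in the `/proc/net/tcp` and `/proc/net/tcp6` layout and reports every listening socket whose local address is not loopback. The sample tables are constructed, the function names are hypothetical, and the decoding assumes a little-endian host.

```python
import ipaddress

# Constructed samples in /proc/net/tcp and /proc/net/tcp6 layout (not real host data).
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000    33        0 20001 1
   1: 00000000:01BB 00000000:0000 0A 00000000:00000000 00:00000000 00000000    33        0 20002 1
   2: 0100007F:235A 00000000:0000 0A 00000000:00000000 00:00000000 00000000   110        0 20003 1
   3: 0A00000A:0050 0B00000A:C350 01 00000000:00000000 00:00000000 00000000    33        0 20004 1
"""
SAMPLE_TCP6 = """\
  sl  local_address                         remote_address                        st
   0: 00000000000000000000000000000000:0050 00000000000000000000000000000000:0000 0A
   1: 00000000000000000000000001000000:1F91 00000000000000000000000000000000:0000 0A
"""

LISTEN = "0A"  # TCP_LISTEN state as printed by the kernel


def decode_addr(hex_addr):
    """Turn the kernel's hex address into an ipaddress object."""
    raw = bytes.fromhex(hex_addr)
    # Each 32-bit word is printed in host byte order; assumption: little-endian host.
    fixed = b"".join(raw[i:i + 4][::-1] for i in range(0, len(raw), 4))
    return ipaddress.ip_address(fixed)


def exposed_listeners(proc_text):
    """Return (address, port) for every LISTEN socket not bound to loopback."""
    findings = []
    for line in proc_text.splitlines()[1:]:  # skip the column header
        fields = line.split()
        if len(fields) < 4 or fields[3] != LISTEN:
            continue  # established connections and malformed rows are ignored
        host, port = fields[1].rsplit(":", 1)
        addr = decode_addr(host)
        if not addr.is_loopback:  # 0.0.0.0 and :: mean every interface
            findings.append((str(addr), int(port, 16)))
    return findings


if __name__ == "__main__":
    for name, text in (("tcp", SAMPLE_TCP), ("tcp6", SAMPLE_TCP6)):
        for addr, port in exposed_listeners(text):
            print(f"{name}: listener reachable beyond loopback on {addr} port {port}")
```

A service that listens only on a unix socket does not appear in either table, so a clean result here is consistent with both recommendations in the thread.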