diff --git a/autoinstall/autoinstall.sh b/autoinstall/autoinstall.sh
index b1ec90b..5869b4d 100755
--- a/autoinstall/autoinstall.sh
+++ b/autoinstall/autoinstall.sh
@@ -222,6 +222,9 @@ InstallTorConfig() {
         _if_lan="eth0"
     fi
     $UCI_CMD set ruantiblock.config.if_lan="$_if_lan"
+    # dnsmasq rebind protection
+    $UCI_CMD set dhcp.@dnsmasq[0].rebind_localhost='1'
+    $UCI_CMD set dhcp.@dnsmasq[0].rebind_domain='.onion'
     $UCI_CMD commit
 }
 
diff --git a/packages/19.07/ruantiblock_0.9.0-2_all.ipk b/packages/19.07/ruantiblock_0.9.0-2_all.ipk
index 00e9bdc..c8c4893 100644
Binary files a/packages/19.07/ruantiblock_0.9.0-2_all.ipk and b/packages/19.07/ruantiblock_0.9.0-2_all.ipk differ
diff --git a/ruantiblock/files/usr/bin/ruantiblock b/ruantiblock/files/usr/bin/ruantiblock
index 509d439..7f4a651 100755
--- a/ruantiblock/files/usr/bin/ruantiblock
+++ b/ruantiblock/files/usr/bin/ruantiblock
@@ -446,7 +446,7 @@ GetDataFiles() {
         printf "\n" >> "$DNSMASQ_DATA_FILE"
     else
         ### Запись для .onion в $DNSMASQ_DATA_FILE
-        printf "server=/onion/%s\nipset=/onion/%s\n" "${ONION_DNS_ADDR}" "${IPSET_ONION}" >> "$DNSMASQ_DATA_FILE"
+        printf "server=/.onion/%s\nipset=/.onion/%s\n" "${ONION_DNS_ADDR}" "${IPSET_ONION}" >> "$DNSMASQ_DATA_FILE"
     fi
     rm -f "$UPDATE_PID_FILE"
     return $_return_code
diff --git a/tor/etc/tor/torrc b/tor/etc/tor/torrc
index 0f87133..e46acd5 100644
--- a/tor/etc/tor/torrc
+++ b/tor/etc/tor/torrc
@@ -1,12 +1,10 @@
-User admin
-PidFile /var/run/tor.pid
+User tor
 DataDirectory /var/lib/tor
 VirtualAddrNetwork 10.254.0.0/16
 AutomapHostsOnResolve 1
 TransPort 192.168.1.1:9040
 TransPort 127.0.0.1:9040
-DNSPort 9053
-DNSListenAddress 127.0.0.1
+DNSPort 127.0.0.1:9053
 #SOCKSPort 192.168.1.1:9050         # Tor socks-proxy
 GeoIPFile /usr/share/tor/geoip
 GeoIPv6File /usr/share/tor/geoip6