Another thing is, the best way to deal with a correlation attack via a blocked internet connection is to run 2 or more hidden services (2 or more sets of servers as described above) in different locations. Consider 3 hidden services with the same private key and corresponding onion domain. The way that works is, whoever publishes their hidden service descriptor last gets the connections. Hidden services publish their descriptors every half hour. So if you start them 10 minutes apart, users will be connecting to a different set of servers every 10 minutes. If LE somehow identifies one of the servers (despite the protections described above) and cuts the internet connection, a few minutes later they will be able to access "the" hidden service again, creating confusion and plausible deniability. The problem to solve is syncing the databases. For a blog that only gets updated a few times a day at most, that's easy. For a forum like this, that's a lot harder.