Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is it possible to block Tor users?

Tags:

tor

Would it be possible to block Tor users? (https://www.torproject.org/)

Due to the nature of the site I run I should do all I can to stop multiple accounts and block certain locations. Tor is worse than proxies - a total nightmare...

like image 444
domino Avatar asked Mar 20 '12 00:03

domino

People also ask

Is it possible to block Tor?

The most common way to block Tor traffic would be to locate an updating list of Tor exit nodes and configure a firewall to block these nodes. A company policy to prevent Tor use may also go a long way to cease its use.

How do I ban someone on Tor?

To block Tor, you need to set up both a Firewall rule and a HTTPS Decrypt and Inspect policy: Set up a Firewall rule to block the Tor layer 7 signature, see our help topic, Adding new Smoothwall Firewall rules: Go to Network > Firewall > Firewall rules. Click Add section, type the Name "Tor" and click Save changes.

Can Tor be blocked by network administrators?

Tor is often blocked by administrators of certain networks. One way around this is to use bridges which shouldn't be detectable as Tor nodes. If the blockage is more sophisticated and uses deep packet inspection, you may need to use an additional tool, such as Pluggable Transports (see below).

How do I block Tor Proxy?

Under App Control Advanced, select PROXY-ACCESS under Category. Select Tor under Application and then click on the Configure button. A pop-up window appears, select Enable under the Block and Log fields. Click OK to save.

2 Answers

Tor is much easier to block than other open proxies since the list of exit IP addresses is known and published. Read the answer at https://www.torproject.org/docs/faq-abuse.html.en#Bans and if you still want to block users from accessing your site you could use https://www.torproject.org/projects/tordnsel.html.en or the Bulk Exit List exporting tool.

If you use the Bulk Exit List exporting tool be sure to get a fresh list often and expire the old blocks since the list of IP addresses change.

like image 182
Johan Nilsson Avatar answered Sep 18 '22 23:09

Johan Nilsson

Blocking Tor is wrong because (ab)users and IP addresses are not the same. By blocking Tor you will also block legitimate users and harmless restricted Tor exit nodes configured with conservative exit policies.

For example, if you concerned about attacks on SSH (port 22) then blocking only Tor will do little to increase security. What you really might need is dynamic synchronised blacklist like http://denyhosts.sourceforge.net/ that track offenders disregarding of their affiliation with Tor.

Denyhosts will automatically block Tor exit nodes that allow Tor to access port 22 without unnecessary denying access to anonymous users and operators of Tor exit nodes who never let offenders to attack your SSH services.

like image 34
Onlyjob Avatar answered Sep 17 '22 23:09

Onlyjob
Sign in to Comment

Related questions

How do I use Tor as system VPN and cut out some nodes? [closed]
Ruby, Tor and Net::HTTP::Proxy
How can I force Tor to use a new identity without using Vidalia?
How to route urllib requests through the TOR network? [duplicate]
Send HTTP request from different IPs in Node.js
How do I get the Tor exit node IP address over the control port?
How to use Tor control protocol in C#?
Proxy IP for Scrapy framework
How to develop an application that uses the Tor network? [closed]
Using the Tor api to make an anonymous proxy server
RSelenium with Tor with NEW RSelenium version on Windows
Python - Firefox Headless
Python urllib over TOR? [duplicate]
exec: executable file not found in $PATH
How to use Tor combine with Java [closed]
How to change Tor identity in Python?
Doing http requests through a SOCKS5 proxy in NodeJS
Open tor browser with selenium
using Tor as Proxy
How to run multiple Tor processes at once with different exit IPs?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!