What is Tor?
How to Identify and Block Tor Exit Nodes
May 10, 20255 min read
Table of Contents
What is Tor?
Tor (The Onion Router) is a network designed for anonymous communication. It routes internet traffic through a free, worldwide, volunteer overlay network to conceal a user's location and usage.
The Risks of Tor Traffic
While Tor is vital for privacy activists and journalists, 95%+ of Tor traffic hitting commercial websites is malicious.
- Credential Stuffing: Hackers use Tor to test stolen passwords.
- Vulnerability Scanning: Automated bots scan for SQLi/XSS vulnerabilities.
- Spam: Forum and comment spam often originates from Tor.
How to Block Tor Exit Nodes
Tor exit nodes are public. You can download a text file list and load it into your firewall. However, the list changes every hour.
Better Approach: Use a real-time API like IPASIS.
// JavaScript Example
const isTorUser = async (ip) => {
const res = await fetch(`https://api.ipasis.com/v1/lookup?ip=${ip}`);
const data = await res.json();
if (data.is_tor) {
throw new Error("Tor traffic not allowed");
}
}FAQs
Should I block Tor on my blog?
Probably not. Passive readers can be allowed. You should likely only block Tor on login or signup forms.