How to block Tor Users from accessing your website


Tor Users are really annoying. It doensn’t matter if you operate a bitcoin faucet or a blog about things. You will not paid for your invested work. Lot of Bots are using Tor Browser to avoid bans by IP. Block Tor is our goal.

I’ll show you an installation guide to ban all IPs of all tor server.

Installation Guide to block Tor User for a Apache-Server

You find on a complete IP-List of all Tor-Server. The IPs can change every 30 minutes.

With following shell-script you can build a blacklist-file for all these IPs. Generate a file named under var/scripts or where ever you want and copy the script below into it.

wget -q -O - | 
sed "s/^/Require not ip /g; 1i\<RequireAll\>\nRequire all granted" | 
sed '$a\<\/RequireAll\>' > /etc/apache2/tor-ip.conf; /usr/sbin/apachectl graceful

The file location /etc/apache2/tor-ip.conf with all blocked IP-Addresses is chosen freely. Make sure that your blacklist-file is writable.

As next you need a cron job who starts the shell-script to rebuild this list every 30 minutes.

*/30 * * * * /var/scripts/

Your cron job should look like this. Use Google if you don’t know how you can create a cron job.

Now you need to editing your website configuration. Go to /etc/apache2/sites-available and open you conf-file of your website. Copy this

<Directory /var/www/allaboutbitcoins>
    # Include tor ip
    Include /etc/apache2/tor-ip.conf

in your files and replace the Directory part with your directory to your website.

Here an example.

<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.

ServerAdmin [email protected]
DocumentRoot /var/www/allaboutbitcoins

<Directory /var/www/allaboutbitcoins>
    # Include tor ip
    Include /etc/apache2/tor-ip.conf

# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn

ErrorLog ${APACHE_LOG_DIR}/allaboutbitcoins_error.log
CustomLog ${APACHE_LOG_DIR}/allaboutbitcoins_access.log combined

# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

At last reload your apache with

service apache2 reload

Now all Tor-User have no more access to your bitcoin faucet.

Block TOR | Avoid TOR | Guide

image via pixabay