Tor Browser + Exit Nodes + Website Blocks


Quite often when using Tor Browser, there will be websites which block the Tor exit node. This could be done by the CDN the site is hosted on by flagging the ip address of the exit node and checking it against reputation databases. Is there a recommended way to access sites which are blocking exit nodes or fingerprinting the Tor Browser?

1 Like

This is a very common issue. I wrote to Patrick about this, he is thinking about a workaround.

List of Tor exit nodes is public so any website can easily restrict access to it through Tor exit nodes. The idea is to use a scheme ISP > Tor > VPN/Proxy > Website. An external VPN/Proxy provider cannot find out the information about your real IP address as your connection to it is established through Tor but your anonymity might be reduced to pseudonimity because VPN/Proxy provider and non-Tor browser can still fingerprint metadata and form a unique fingerprint of your browser.

I prefer to use firefox-esr browser on top of Whonix Workstation with a VPN/Proxy setup. Firefox ESR does not have the same privacy patches as Tor Browser have, but you can still do some steps to reduce fingerprinting. First of all, disable WebRTC, Pocket, Firefox Accounts, Screenshots and set fingerpring resisting in Firefox about:config settings. You can find out more about disabling that feautures in Mozilla faq.

In future, a separate hardened ‘non-Tor’ browser inside Whonix Workstaton will be required for accessing websites which block Tor exit nodes but it is a very complicate work.

Bypass Tor Censorship

I don’t have confirmation this is happening but if this was happening I am not sure there would be any easy/sane solution. Background, for rationale of using Tor Browser:

…and then trying to work around fingerprinting Tor Browser unrelated to IP based bans… Difficult…

Is there any wherewithal to devote a Wiki entry to navigating the “privacy conscious” or “Tor friendly” web? I want to narrow the problem to services where there may be compromise or a lack of a concerted effort to blacklist entire internet blocks.

Perhaps we could brainstorm the problem and the solution. The problem, generally is the poor reputation of the Tor userbase. The question I pose is whether we can improve our reputation or legitimately work within the TOS of these services to operate normally.

Reddit is effectively segregating Tor users from the population. Is there a solution other than exiting to a clean proxy/VPN?

Does Telegram freely allow Tor users (accepting that I have access with a valid phone number)?

PrivacyTools does not allow registration on their Matrix federated server… not sure whether that is Tor-specific?

Has it come to this purely because of bad actors?

I’d like to believe that Whonix users generally “raise” the standard of the Tor userbase. We’re just a proverbial “drop in the bucket,” however.

How is it on these other supposedly “privacy conscious” or “Tor friendly” networks? Is there any interest in a Wiki entry for sorting out these problems?

I am capable of technical workarounds, my question pertains to the problem of the popular services that claim to be tech- or privacy- oriented, yet segregate Tor users. Do we have any leverage aside from exiting to a clean node?

The Tor Project (TPO) does / orchestrates that kind of outreach activities?

You might be welcome to move these pages from TPO legacy to TPO new wiki. Updating these wiki pages. And whatnot.

I think there is no way to bypass Tor users segregation. Big companies will block anonymous users because they want to control everything and everywhere. The only way to save Tor is to make something like obfuscated bridges, but for Tor exit nodes. I don’t know why Tor developers keep list of exit nodes public. Whonix project just makes its job for creating secure and anonymous operation system to prevent data leaks. The problem is in Tor architecture I’m sure.

An ideal solution is to change Tor architecture. A temporary solution I think is to use ISP -> Tor -> Proxy/VPN scheme. But the temporary solution generates another problem of making secure browser which will be effective in resisting fingerprinting as Tor Browser.

Tor FAQ:
You should hide the list of Tor relays, so people can’t block the exits.

I haven’t seen any technical proposals how that would be technically possible even in theory.