Using ngx_http_realip_module I get $_SERVER[HTTP_CF_CONNECTING_IP] with visitor’s real IP in order to match it against TOR exit node IP list. But in most cases, when a visitor for sure uses Tor Browser, I get IPv6 addresses like 2405:8100:8000:5ca1::e0:d91f that actually is expected to be one of the IPv4 exit list.
If I exclude Cloudflare I failed to catch even a single IPv6 address from tor exit
Did I miss anything? Is there really existing IPv6 exit list? Is there another strong method to detect visitors that use Tor Browses if I still use Cloudflare?
Something goes wrong with geo IP and tor exit list. Approximately 50% addresses show particular countries instead of T1. For example: 2a0b:f4c2:1::1
and its [HTTP_CF_CONNECTING_IP] => 241.157.89.19
show [HTTP_CF_IPCOUNTRY] => DE
And 241.157.89.19 is not in Tor exit list