Tor Redirect Workers?

I am currently blocking Tor users with a firewall rule, but when they get blocked they don’t know it is because of the browser they are using. So they might think it is a site error or some other reason. Thus, I would like to set up a Worker redirect and to redirect them to a short page on our website which tells them that use of the Tor Browser isn’t permitted while suggesting they switch to another browser so that they can access our site. Is this possible and is there perhaps a sample worker script for this already? Thank you.

Hi @Azita,

It may work with something like this:
https://developers.cloudflare.com/workers/examples/country-code-redirect

I haven’t tried it, but I would imagine Tor is treated as a country like in Firewall Rules.

1 Like

Excellent @domjh Thank you.

I already tried it and it works great. Since the Workers script requires a two letter country code I used “T1” for Tor, which is what Cloudflare uses to refer to the Tor browser when using country codes in Firewall Rules.

1 Like

I have done a lot of testing and I realize now that Tor redirecting via a Worker, or even just normal blocking of Tor with a Firewall Rule, is very unreliable.

It seems that Tor Browser triggers a JS challenge nearly every time because of its suspicious nature. And the majority of the time it gets right through to the website after the JS challenge. So it rarely gets hit with the Firewall Rule that is in place to block Tor Browser or the Worker that I setup to redirect Tor Browser to a security warning page. It seems that once someone is hit with a JS Challenge on Cloudflare then any other rules put in place on Cloudflare gets ignored after that.

Basically it seems like there is no real reliable way to block or redirect Tor Browser because it seems that the Firewall Rule to block Tor and the Worker redirect rule that I created works on Tor less than 20% of the time.

The only thing I found to actually work all of the time is to block the User Agent of the current Tor Browser version with a Firewall Rule, which is “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.105 Safari/537.36 Vivaldi/2.4.1488.40”

But this rule will stop working as soon as Tor Browser is updated again and the UA changes and it will not work on older versions of Tor Browser where the UA is of course different than above.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.