Detect Tor Network

In Guias para la Web, php y algo mas By TechUser On

Well, I can only say that I have had lots of trouble with Tor I understand the need of keeping your Ip address secured and the need to user this kind of Network..

But for the most part and in my experience I have only had problems with it.. Of course not all the people that uses it, does bad thing with it but I had this individual trying to hack my application, registering and posting obscene comment posting unappropriated material and so on..

I kept banning Ips and he would just switch on the fly to another, I had blocked by Ip range and only end up blocking legit users, not a feasible fix.

Goggling I found https://check.torproject.org/cgi-bin/TorBulkExitList.py

You enter the Ip of your server or Website and will print a list of possible Ips that could connect.. after that it was easy for me to create a short function and use it in the page I wanted to detain the individual.

At the precise moment I was being attacked by the hacker spammer, captured the ip he was currently using and tested against the list I was given. success it worked it was already included I saw the light again…

Ok so the code..

First go to the page Bulk Tor Exit Exporter
You will get a web list with Tor Ips that could connect to your service, save it to txt format and name it TorList.txt then create a PHP document name as you like, I called it torchecker.php.

function checkTORconnection(){
$ips = file('./TorList.txt');
$iptocheck = isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : false;
$isfound = false;
if( $ips && $iptocheck ){
for ( $i=0; $i <count( $ips ) $i++ ){
if( trim( $ips[$i] ) == $iptocheck ){
$isfound = true;
}
}
if( $isfound )
{
return true;
}
return false;
}
return true;
}

I check $_SERVER[‘REMOTE_ADDR’] if not found for me that’s it, I don’t want that user but your taste could be different.. anyways you use the function as follow:

require_once('./torchecker.php');// require our function
// now use it as normal conditional
if( checkTORconnection() ){
// allow or do anything you want.
}

Well that’s it, I needed to post this because it was really important for me and people should know how to defend against this anonymizers..

regards all.