I need a script that blocks TOR servers in php ... I need to get the list of servers and block them.
Or, any solution to install on the server (centos).
Here is more information about TorDNSEL https://www.torproject.org/projects/tordnsel.html.en and how to structure query.
And below is function I found on the net that can perform dynamic checks.
( https://check.torproject.org/ must use something similar to this ).
I am not sure about performance under heavier traffic.
function IsTorExitPoint(){
if (gethostbyname(ReverseIPOctets($_SERVER['REMOTE_ADDR']).".".$_SERVER['SERVER_PORT'].".".ReverseIPOctets($_SERVER['SERVER_ADDR']).".ip-port.exitlist.torproject.org")=="127.0.0.2") {
return true;
} else {
return false;
}
}
function ReverseIPOctets($inputip){
$ipoc = explode(".",$inputip);
return $ipoc[3].".".$ipoc[2].".".$ipoc[1].".".$ipoc[0];
}
You need to check if the user's ip is in a TOR exit node DNSBL. Using static exit node lists won't be a good idea since nodes appear/disappear from time to time and you probably won't want to update the list regularily.
Various blacklists exists, the EFNET RBL is one of them. Note that it also resolves for some other IPs that might be considered undesirable in some cases - if you just want TOR ensure to ignore those other results.
If its need to block the TOR User id, follow the method:
ipset -N tor iphash
get a list of Tor exit nodes that can access $YOUR_IP, skip the comments and read line by line
wget
ipset -q -A tor $IP
done
filter our new set in itables filter
iptables -A INPUT -m set --match-set tor src -j DROP.
Here(https://github.com/RD17/DeTor) is a simple REST API to determine whether a request was made from TOR network or not. I think it will be pretty simple to use it from PHP
The request is:
curl -X GET http://detor.ambar.cloud/.
The response is
{
"sourceIp": "104.200.20.46",
"destIp": "89.207.89.82",
"destPort": "8080",
"found": true
}
As a bonus you can add a badge to your site to detect whether a user comes from TOR or not:
<img src='http://detor.ambar.cloud/badge' />
来源:https://stackoverflow.com/questions/10294244/block-tor-servers