They offer different flash templates with latest features.
Login

Forgot password
Register
Back

 CAPTCHA Tor Exit Node IPs instead of Blacklisting on Sucuri Firewall

Created 3 months ago, edited 3 months ago.
Author:

scuxrhuy
Status:
Under review
  Score:
 -1
2 votes
Idea:

EDIT2: I researched this issue extensively and discussed it with the site admins. The closest "solution" I found was Cloudflare's Pro Plan Web App Firewall ($20/month) that would whitelist Tor traffic. The site admins considered it but decided to stick with the current Sucuri firewall setup. You can read the post here: https://forums.linuxmint.com/viewtopic.php?f=29&t=262773

Hello Mint community,

I know that the Linux Mint site is a major target for spam bots, but there seems to be a weird policy in Sucuri firewall that prevents a significant amount of Tor exit node IPs from registering/logging onto accounts on the LM forum and this site.

It seems like Sucuri doesn't specifically block Tor IPs (which is great! thanks for that) but it considers a lot of them malicious. Sucuri will allow me to browse the forum or community site, but once I try to login it will say my current IP is blacklisted.

At first I thought it blocked all Tor IPs from registering/logging in, but I found that it actually doesn't. Currently it takes me about 5-10 tries of building new Tor circuits before I find an exit IP that is not blacklisted by Sucuri firewall and can login.

While currently there are exit node IPs that aren't blacklisted by Sucuri, I'm concerned that in the future spam bots ruin the threat score of a significant amount of exit node IPs, so that essentially Sucuri blocks all Tor users.

Is it possible to whitelist all Tor IPs for registering/logging in, and present them with a CAPTCHA instead? I know that Cloudflare has a capability sort of similar to this (https://blog.cloudflare.com/the-trouble-with-tor/) - just make Tor users answer a CAPTCHA for all POST requests.

Of course this is all assuming that the admins actually want Tor traffic. If you do, but the above suggestions are not possible, I'd still love to talk and see if there's a way to make life a bit easier for Tor users. :-)

Comments:

3 months ago

remoulder
The forums are the place to ask questions of this nature  
3 months ago

scuxrhuy
EDIT: I realize that this idea does not pertain to the Linux Mint OS. Please let me know if there is a better place to post this than here, thanks.  

Other ideas from scuxrhuy

No other ideas.