Using mod_spamhaus to block TOR in Apache

November 18th, 2012 | by David |
Some web spammers use the Tor Project to hide their wrongdoings. Because of this, I want to block Tor exit nodes from submitting forms on my web sites. However, there are many legitmate uses of the Tor Project, so I don’t want to block GET requests but primarily POST requests.
  1. Run sudo apt-get install libapache2-mod-spamhaus
  2. Open /etc/apache2/mods-enabled/mod-spamhaus.conf for editing (as root)
  3. Edit the MS_METHODS configuration setting. Make sure that POST is included and GET is not. Example:
    MS_METHODS  POST,PUT,OPTIONS,CONNECT
  4. Edit the MS_Dns configuration setting. If the IP address of your server is 198.51.100.222, and the port of your web server is 80 as usual, you start with the port number, reverse the numbers in the IP address and the setting becomes:
    MS_Dns 80.222.100.51.198.ip-port.exitlist.torproject.org
    So, for IP address A.B.C.D and port E, the value becomes E.D.C.B.A.ip-port.exitlist.torproject.org
  5. You may also want to edit the MS_CustomError setting. In my case it looks like this:
    MS_CustomError “Limited access for certain clients. Please contact abuse at 2good.net to get full access to our services.”
  6. Enable the apache module with sudo a2enmod mod-spamhaus
  7. Restart apache with sudo service apache2 restart
Your will get log entries like this:

[Fri Nov 16 04:28:05 2012] [crit] [client 37.59.162.218] mod_spamhaus: address 218.162.59.37.80.222.10.74.109.ip-port.exitlist.torproject.org is blacklisted. Deny connection to forum.taurin.se/index.php, referer: http://forum.taurin.se/index.php?topic=1731.0

Post a Comment