How to block Tor exit nodes from accessing your website
Internet trolls are using Tor nowadays to avoid bans by IP. However, banning Tor exit nodes is just slightly more complex. The Tor Project provides a regularly updated list of exit nodes that can access your IP here. As there may be many hundreds or even thousands of nodes, adding them to iptables can hurt your server's network performance. Enter ipset, a user-space hash table for iptables:
# create a new set for individual IP addresses ipset -N tor iphash # get a list of Tor exit nodes that can access $YOUR_IP, skip the comments and read line by line wget -q https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=$YOUR_IP -O -|sed '/^#/d' |while read IP do # add each IP address to the new set, silencing the warnings for IPs that have already been added ipset -q -A tor $IP done # filter our new set in iptables iptables -A INPUT -m set --match-set tor src -j DROP