Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/donnchac/cloudflare-tor-whitelister

Whitelist Tor exit relays to allowing Tor users access your CloudFlare-protected site without CAPTCHA's
https://github.com/donnchac/cloudflare-tor-whitelister

Last synced: about 2 months ago
JSON representation

Whitelist Tor exit relays to allowing Tor users access your CloudFlare-protected site without CAPTCHA's

Host: GitHub
URL: https://github.com/donnchac/cloudflare-tor-whitelister
Owner: DonnchaC
License: gpl-2.0
Created: 2015-05-19T13:03:55.000Z (over 9 years ago)
Default Branch: master
Last Pushed: 2016-08-06T15:29:38.000Z (over 8 years ago)
Last Synced: 2024-10-14T19:21:03.310Z (2 months ago)
Language: Python
Size: 29.3 KB
Stars: 61
Watchers: 14
Forks: 12
Open Issues: 1
Metadata Files:
- Readme: README.rst
- Changelog: CHANGES.rst
- License: LICENSE.md

Awesome Lists containing this project

README

Automatic CloudFlare Tor Exit Whitelister
=========================================

----------

**Important Update:** Cloudflare now allows website operators to whitelist Tor relays directly in your CloudFlare control panel. This tool is no longer necessary. Please see the `CloudFlare blog `_ for more information.

----------

CloudFlare provides an external service to defend your site against denial of service attacks. Unfortunately Tor users are often inconvenienced by repeated requests to solve CAPTCHA's due to CloudFlare's threat scoring approach.

CloudFlare does not currently provide a means of allowing Tor visitors. Website operators should be able to take advantage of the increased stability and DoS resistance that CloudFlare provides without blocking their anonymous users.

On the `\[tor\-talk\] `_ mailing list, Moritz Bartl proposed the idea that operators could explicitly white list Tor exit IP addresses in their control panel as a stop-gap measure to avoid blocking their users.

This script is a rough proof-of-concept which whitelist's Tor exit IP addresses via the CloudFlare REST API. Problematically CloudFlare currently enforces a maximum limit of 200 access rules per user or zone. However the top 200 Tor exit IP addresses currently represent ~95% of the exit probability. as such using this should still significantly enhance the user experience for Tor users.

All feedback and bug reports very welcome!

Installation
------------

$ pip install cloudflare-tor-whitelister

Usage
-----

$ cloudflare-whitelist -t 'API_TOKEN' -e 'CLOUDFLARE_EMAIL'

Your CloudFlare API token and email can also be specified in the `CLOUDFLARE_API_TOKEN` and `CLOUDFLARE_EMAIL` environment variables rather than as command line arguments. Your CloudFlare API key is listed on your `My Account `_ page.

By default the whitelist rules are applied across all zones owned by your account. If instead you would like to only whitelist on a particular domain you should specify it with the --zone option.

It is probably sufficient to run this script via `cron` once per day.

$ crontab -e

0 0 * * * cloudflare-whitelist -t 'API_TOKEN' -e 'CLOUDFLARE_EMAIL'