[isoos]

I use tor for exploring topics that I don't want to tie to my regular profile (ranging from professional software development, through health care issues, but also hobbies, fiction and nsfw content). Having these browsing in a separate profile and also IP address makes it much more relaxed to look for interesting stuff on the internet. (I am not really fond of advertisement that tries to sell me whatever I've visited in the past month, on unrelated pages.)

It saddens me that the default response is ban, increasingly so for services that need account, but even just reading a webpage can become tedious or impossible :(

Please, do not ruin this option, because even though you may not use it today, you may need it in the future.

Note: I also use tor for low volume crawling. When high volume is needed, it is more favorable to subscribe for domestic VPN proxies, so you may be blocking tor, but you won't block those ranges, and the robots will get their content anyway.

[bauruine]

Whenever I read something like this I look my access and sshd logs for abuse IPs and check if they are Tor exit nodes. The Tor traffic is always negligible like 100 failed ssh logins out of 170k are from Tor exit nodes. Or 670 out of 400k for my nginx access.log. Am I unique and everyone else sees vastly different numbers where blocking Tor exits makes a significant difference in the abuse they get?

[isoos]

I don't really care if somebody blocks a random port of sshd. I just don't understand why people are eager to block public https traffic, which is exposed to the public internet anyway.

[supriyo-biswas]

Well, I’ve always tried to make my service available through Tor, but now that I faced an attack of 20,000 RPS distributed over all the exit nodes of the Tor network making requests to a computationally expensive (and non-cacheable) endpoint, and came out with 6x the hosting bill I usually get, I decided to block the entire network.

Maybe there’s an alternative reality where people do the right thing, and in that world I wouldn’t have to block Tor, but I don’t live in that world.

[isoos]

Shouldn't you protect that endpoint, regardless of the traffic coming from tor or not? It is really cheap to get traffic through domestic VPN proxies, so a dedicated attacker will get to it anyway...

[VWWHFSfQ]

> Please, do not ruin this option

I don't believe that I'm the one that ruined this option for you. Small web hosts simply don't have the capacity, budget, or patience to deal with the 95% garbage originating from these IP addresses. Tragedy of the commons, I guess.

[ilyt]

There is no reason to allow Tor IPs on most sites sadly. The abuse it is used for far exceeds legitimate traffic