Cloudflare Blocks TOR

Have noticed Cloudflare is nearly everywhere now and is blocking almost all website access if using TOR connections as in e/os ADV Privacy. What can be done beyond telling site owners to ditch Cloudflare? Would conventional VPN work better and get passed these anti privacy controls?

Regain your privacy! Adopt /e/ the unGoogled mobile OS and online servicesphone


I wouldn’t say that. Since I have Tor mostly on I can’t see much influence of Cloudflare here at all. But more and more websites recognize Tor servers and avoid the access.

One of the most simple workarounds you can do is to change the concrete Tor servers you use just by causing a new connection. The chance is more than 90% that the next Tor connection will not be recognized by the website.

OK, establishing a new connection is probably a bit circumstantially on a mobile (web browsing is generally circumstantially on a mobile …)

On Windows I use still AdvOR for that (and many other things), on Linux I have systemctl restart tor on a hot key, followed by F5 in the browser, that’s all.

I would bet half of my saved sites go thru Cloud flare now and growing daily. They used to eventually get me thru “security” check. Not now.

I am not a techie so not sure what this means? “establishing a new connection is probably a bit circumstantially on a mobile (web browsing is generally circumstantially on a mobile …)”

I am mostly on mobile, as I thought this was mobile e/os discussion group.


In case I use Mullvad VPN.
So far no problem accessing any site.

Sounds good. Thats for Android not PC?

Both. I use Clients on eOS & Linux

Cloudflare getting more and more an expected middleman is an issue. When not talking to an API fronted by Cloudflare and inside a browser, a possible workaround is authenticating once with a hardware security key and then not solve any captchas in this Browser.

They name this “Cryptographic Attestation of Personhood” (CAP):

Yes, but to be clear: they don’t block anything, also not Tor as the OP said. They just want a click and then they store a cookie. My browsers clear all cookies except a white list 15 minutes after last use (uMatrix), so I think giving them the damned click is an acceptable risk.

I can also imagine using this principle is not the most intelligent way to get an “attestation of personhood”. The informations you get by the click are not more intelligent than the informations you get without the click. Especially the click does neither proof a real person nor identify a concrete one. Probably you could write a browser addon which does an automatic click. I guess nobody did this until now because the amount of Tor users isn’t big enough. That Tor users get this damned checkbox from Cloudflare is just nudging. Others show idiotic captcha pictures which is much more annoying.

Yes, they do block access. That is why I asked about the issue. I never even get to captcha.

How much does it cost? Thanks

Have look here for the details:
But there are some other trustworthy VPN provider around.

This topic was automatically closed after 90 days. New replies are no longer allowed.