Following was modified from some page which I can't remember at the moment for blocking requests from tor nodes, hope it helps.
Put the following in a file called getcache.php and add a cron job to run it every 15 minutes or so. It retrieves a list of IP addresses that people use for tor and puts them in the directory defined by $CacheDir.
Code:
<?php
// Retrieves the tor exit nodes from specified servers.
// Configuration
$SourceFiles[0] = "https://torstatus.blutmagie.de/ip_list_exit.php/Tor_ip_list_EXIT.csv";
$SourceFiles[1] = "https://torstatus.all.de/ip_list_exit.php/Tor_ip_list_EXIT.csv";
$SourceFiles[2] = "https://torstatus.kgprog.com/ip_list_exit.php/Tor_ip_list_EXIT.csv";
$SourceFiles[3] = "https://kradense.whsites.net/tns/ip_list_exit.php/Tor_ip_list_EXIT.csv";
$SourceFiles[4] = "http://torstatus.blutmagie.de/ip_list_exit.php/Tor_ip_list_EXIT.csv";
$SourceFiles[5] = "http://torstatus.all.de/ip_list_exit.php/Tor_ip_list_EXIT.csv";
$SourceFiles[6] = "http://torstatus.kgprog.com/ip_list_exit.php/Tor_ip_list_EXIT.csv";
$SourceFiles[7] = "http://tns.hermetix.org/ip_list_exit.php/Tor_ip_list_EXIT.csv";
$SourceFiles[8] = "http://torstatus.blutmagie.de/ip_list_exit.php/Tor_ip_list_EXIT.csv";
$SourceFiles[9] = "http://tns.hermetix.org/ip_list_exit.php/Tor_ip_list_EXIT.csv";
$SourceFiles[10] = "http://kradense.whsites.net/tns/ip_list_exit.php/Tor_ip_list_EXIT.csv";
$SourceFiles[11] = "http://tor.recox.org/ip_list_exit.php/Tor_ip_list_EXIT.csv";
// These are set to the main Tor Network Status servers, but you can change them to whatever you want,
// as long as the format is one IP per line, and they are ordered
$CacheDir = "/var/www/torcache"; // Directory that the ip files are written to
// Make sure you set full write access to this directory
$sites = count($SourceFiles); // Count how many sources there are to choose from, so you don't have to
$f = false; // File handler false by default
$s = false; // Success false by default
for($i=0; $i<$sites; $i++) // For loop to make sure we get one ip list
{
$f=file($SourceFiles[$i]); // Attempt to open the file
if ($f != false) // If file was successfully opened
{
$s = true; // Set success to true
break; // Get out of the for loop
}
}
if ($s == false) die("No cache file could be retrieved."); // Die if we didn't get a file
$len = count($f); // Number of IPs retrieved
$last = 0; // Var used for changing files in the tor cache
$f2 = false; // Resource indicator for writing the file
for($j=0;$j<$len;$j++) // While we still have IPs to go through
{
$foctet = explode(".",$f[$j],2); // Get just the first octet from the IP
if ($last == 0) // This happens only the first time
{
$f2 = fopen($CacheDir . "/" . $foctet[0], "w"); // Open a new file
} else
if ($foctet[0] != $last) // If our first octet has changed
{
fclose($f2); // Close our other file
$f2 = fopen($CacheDir . "/" . $foctet[0], "w"); // Open a new one
}
fwrite($f2, $f[$j]); // Write our IP to the file
$last = $foctet[0]; // Set the last octet to this octet, so we can compare next time
}
fclose($f2); // Close the last file
//That should do the trick.
?>
Then add a file called torcheck.php containing following which checks the list of tor IPs the previous script obtained and returns a 0 or a 1 to tell whether the request is from tor ...
Code:
<?php
// Compares Remote IP Address to a tor router list
// Configuration
$tornode=0;
$CacheDir = "/var/www/torcache"; // Directory that the ip files are contained
$foctet = explode(".", $_SERVER['REMOTE_ADDR'], 2); // Get first octet of IP address
$f=@file($CacheDir . "/" . $foctet[0]); // Open cache file, suppressing error messages
$len = count($f); // Count the amount of IPs in the cache file
$isrouter = false; // Default, as this value only changes if it is a router
if ($f != false) {
$ip = ip2long($_SERVER['REMOTE_ADDR']); // Our IP address as an integer
for ($i=0;$i<$len;$i++) // While there are still IP addresses to read
{
if ($ip == ip2long(rtrim($f[$i]))) // If the remote IP and an IP from the list match
{
$isrouter = true; // Our visitor is a tor node
break; // Continue
}
}
}
if ($isrouter) // If visitor is a tor node
{ // Put any code you want here
$tornode=1;
exit(); // Exit
}
else // If visitor is not a tor node
{ // Put any code you want here
// Do Nothing
$tornode=0;
}
//echo("Your IP address is " . $_SERVER['REMOTE_ADDR']); // Optional; removal is recommended
// That should just about do it.
?>
Then add the following to any or all pages you want to protect from tor request.
Code:
include('/path/to/torcheck.php');
$ipaddress = $_SERVER['REMOTE_ADDR'];
if($tornode == 1){
// tor client, do something
// uncomment to exit
// exit();
// uncomment to redirect
// header("Location:http://www.somewhere.com/");
// exit();
// uncomment to send email
// $adminemail = '[email protected]';
// $errormessage =
// 'Issue: Tor request' . "\n" .
// 'Users IP Address: ' . $_SERVER['REMOTE_ADDR'] . "\n" .
// 'User Agent: ' . $_SERVER['HTTP_USER_AGENT'] . "\n" .
// 'Referring URL: ' . $_SERVER['HTTP_REFERER'] . "\n" .
// 'URL Clicked: ' . 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . "\n" .
// 'IP Info: ' . 'http://www.ip-adress.com/ip_tracer/' . $_SERVER['REMOTE_ADDR'];
// mail($adminemail, "Tor Request", $errormessage, "From: $adminemail");
// uncomment to add to iptables if you use that
// $homeip = 'your ip address you access server with';
// $serverip = 'any server ip you don't want blocked';
// if(!ereg("($homeip|$serverip)",$_SERVER['REMOTE_ADDR'])){
// exec("sudo /sbin/iptables -I INPUT -p tcp -m tcp -s $ipaddress --dport 80 -j DROP");
// }
}