Site will be messed up for a bit as I work on things/break them.
DNL

Reddit is Blocking 15% of Tor Exit Relays

According to Reddit users on various Tor and privacy related subreddits, Reddit—or Reddit’s CDN, Fastly—is blocking access to many Tor users and directly blocking exit nodes in Germany.

Relay Stats

According to a post on the Tor subreddit, Reddit or their content delivery netowork (CDN) have been blocking access to Tor users. The users, it seems, are those accessing Reddit while connected to an exit node in Germany. Germany, according to the Tor Projects own metrics, is currently the host of 131 exit nodes. As of May 10, there are only 929 exit relays. Roughly 15% of Tor relays will not connect to Reddit.

Tor Exit Relays in Germany

Tor Exit Relays in Germany

Thanks to the Reddit user u/Molire for putting these numbers together in their original post.

Reddit or its CDN appear to be blocking exit relays currently running in Germany. If Reddit or its CDN are blocking all 131 exit relays currently running in Germany, only 800 of 931 exit relays currently running in Tor network, or 85.93%, are available for connections to Reddit.

Number of Current Exit Nodes

Number of Current Exit Nodes

On May 4, another user noticed that something similar but did not narrow it down to exit nodes in Germany.

It looks like Reddit has started blocking TOR exit nodes

Lately I’ve been getting blank pages with a single word on it: “Blocked”. Changing an exit node sometimes helps, but I suspect that the plan is to ban all of them / the vast majority of them.

In late April, this happened again. This time, the user seemingly only made the connection between exit nodes and Reddit use after failing to trick Reddit (or Fastly) by sending custom headers and changing the user agent from the default user agent sent by the Tor Browser Bundle. It took this user three circuit reset attempts to finally access Reddit.

Reddit is now blocking certain tor exit nodes, and it is returning “Blocked” pages.

I have no idea why this is happening, but if i connect to certain exit nodes, I just get a “Blocked” screen from reddit. I modified the header I send, (didnt work), I reset the circuit twice, but it didnt work, but on the third circuit, it did. I changed user-agent, and tested for everything.In conclusion: reddit is blocking certain tor exit nodes, so is there any way we can get around this? (besides resetting circuit)

Fixes

New Identity

The simplest and safest solution is to simply select “New Identity” or “New Circuit For This Site” in the menu underneath the onion icon next to the address bar.

New Identity in Tor

New Identity in Tor

Custom Entry and Exit Nodes

(From the Tor Project’s own FAQ)

The following options can be added to your config file torrc or specified on the command line:

EntryNodes $fingerprint,$fingerprint,…

A list of preferred nodes to use for the first hop in the circuit, if possible.

ExitNodes $fingerprint,$fingerprint,…

A list of preferred nodes to use for the last hop in the circuit, if possible.

ExcludeNodes $fingerprint,$fingerprint,…

A list of nodes to never use when building a circuit.

ExcludeExitNodes $fingerprint,$fingerprint,…

A list of nodes to never use when picking an exit. Nodes listed in ExcludeNodes are automatically in this list.

We recommend you do not use these — they are intended for testing and may disappear in future versions. You get the best security that Tor can provide when you leave the route selection to Tor; overriding the entry / exit nodes can mess up your anonymity in ways we don’t understand.

Note also that not every circuit is used to deliver traffic outside of the Tor network. It is normal to see non-exit circuits (such as those used to connect to onion services, those that do directory fetches, those used for relay reachability self-tests, and so on) that end at a non-exit node. To keep a node from being used entirely, see ExcludeNodes and StrictNodes in the manual.

Instead of $fingerprint you can also specify a 2 letter ISO3166 country code in curly braces (for example {de}), or an ip address pattern (for example 255.254.0.0/8). Make sure there are no spaces between the commas and the list items.

If you want to access a service directly through Tor’s Socks interface (eg. using ssh via connect.c), another option is to set up an internal mapping in your configuration file using MapAddress. See the manual page for details.

I reached out to Fastly for a comment and they declined to provide an answer. They directed me to contact Reddit support—a worthless task.