This article applies to our On-Premise Appliance Filter and Firewall product only, not to Cloud.
Tor allows users to navigate the web anonymously. Users with access to Tor can bypass the Smoothwall On-Premise Appliance Filtering and access blocked content.
Follow the steps below to block Tor traffic by blocking certain ports.
Tip: Port 80 is also used by Tor, but Tor traffic using this port is automatically blocked by the Web Filter.
Step 1: Set up HTTPS Inspection
You must create a HTTPS Inspection Policy to Decrypt and Inspect for Everyone, Everything, Everywhere, Always to block Tor traffic on port 443.
Step 2: Set up a Firewall rule
Set up a Firewall rule to Drop traffic from Tor.
- In the Services section, select Create.
- In the pop up, select New service, enter a Name, select TCP as the Protocol and enter the Port number.
- Select Add item.
- Repeat the above steps for each of these ports:
- 9000
- 9001
- 3443
- 8443
- 8080
- 587
- In the Services section, select the checkboxes next to the ports and select Add to add the ports to your Firewall rule.
Note: You will see an option for Proxies > Tor in the Applications (Apps) section. Please note that checking this box has no effect.