Security Plugins Hub

Bring your software development workflows to security

Tor Protection

TOR Protection

Signals & Triggers

On request
If IP is part of current TOR exit nodes list


  • Block the HTTP request Block the HTTP request
  • Log the malicious request Log the malicious request


This plugin allows users to monitor traffic from TOR and take actions when an incoming HTTP requests comes from TOR.

Advanced details

On every incoming HTTP request, this plugin checks whether a specific IP address is a TOR exit node.

It lookups the client IP address based on:

  • HTTP headers (x-forwarded-for, x-client-ip, x-real-ip, x-forwarded, x-cluster-client-ip, forwarded-for, forwarded, via).
  • remote connection IP address

If the IP is in the current TOR exit nodes list (updates every hour), then this plugin is triggered.

TOR connections can either be monitored or blocked.

Language support

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java

Data collected by Sqreen


No data collected

On attack
  • Number of requests blocked

Built for developers and modern apps

Get up and running in minutes just by installing our lightweight library. Enable plugins in just a couple of clicks.

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java
  • Go
  • .net
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9

$ echo "gem 'sqreen'" >> Gemfile

$ bundle install

$ echo "token: your token" > config/sqreen.yml

$ npm install --save sqreen

$ echo '{ "token": "your token" }' > sqreen.json

$ curl -s > && bash your token

$ pip install sqreen

$ echo -e "[sqreen]\ntoken: your token" > sqreen.ini

$ curl -o sqreen.jar

Request your beta access for the Go agent Request beta
Get notified when the .net agent releases Notify me

Build amazing products. Keep them safe.

5 min installation · Try all features for 14 days · No credit card required Sign up Request demo