Created on
05-21-2024
11:18 PM
Edited on
05-22-2024
01:25 AM
By
Jean-Philippe_P
Description | This article describes how to block Tor connection requests. |
Scope | FortiGate. |
Solution
|
F-SBID( --name "Tor.meek.Custom"; --protocol tcp; --service HTTP; --flow from_client; --parsed_type HTTP_POST; --pattern "meek.azureedge.net"; --context host; --pattern "|16 03 01|"; --context body; --within 3,context; --pattern "|01|"; --context body; --distance 5,context; --within 1,context; --pattern "www."; --context body; --distance 121; --within 4; --pattern ".com"; --context body; --distance 0; --within 32; --app_cat 6; --weight 20; )
The Tor browser does not progress from this state.
Related articles: Technical Tip: How to block traffic coming from TOR exit nodes Technical Tip: Prevent TOR IP addresses from accessing SSL VPN with brute-force attacks on FortiGate |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.