How to deal in Whonix with websites banning Tor

I’d like to be behind Whonix workstation tor but need to use residential proxies because a couple websites I need to use ban tor. Anyone have a solution on how I can do this? My only ideas are:

  1. Whonix workstation connect to vps via RDP and use Firefox on VPS.

  2. Whonix workstation launch Firefox. Put residential proxy in Firefox Browser. Not sure if this would work? Ruin my anonymity?

bad idea

does you mean like this?
setup your vps as a vpn
then setup a way to proxy the vpn inside tor


also, can you make the tile more useful? i’m not clearly understand the thread

Why is 1. a bad idea? I’m connecting through tor and using the VPS to access clear web so I don’t look like a tor user at all.

this mean you have to trust your vps more than 2 one (there more reason but i forgotten it)

Using a VPN over Tor (as in, You -> Tor -> VPN -> Internet) is generally not a bad idea, and does not depend on the trust of the VPN provider since all the provider sees is a connection from a Tor node. As long as you can pay for your VPN anonymously (for example, Mullvad), it doesn’t affect to anonymity

Nevermind I kinda misread what the original poster meant by the first point, but I guess my point stands as a solution to the problem

i’m not going to say vpn over tor bad

You seem to be aware that a Whonix workstation requires a Whonix gateway as the NetVM. However, you need certain websites to see a non-Tor connection. So you need to be using a non-Tor browser to access those sites - ideally connecting to a VPN first. If you are going to be using Firefox anyway, why not just use a Debian VM with Firefox pointing to a trusted VPN proxy. Set up the VPN proxy with strict firewall settings and DNS script. Add another firewall VM between the two. Something like:

Debian-Firefox -> web-firewall -> VPNproxy 

The VPN proxy can point to your Tor gateway (through another firewall VM). Something like:

Debian-Firefox -> web-firewall -> VPNproxy -> vpn-firewall -> sys-whonix -> sys-firewall -> sys-net

This is a “Tor over VPN” setup (or more intuitively “VPN through Tor”)

In other words, you first connect to your ISP through Tor and then begin sending your browser requests to your VPN through the Tor network. Your ISP knows you are using Tor but the website sees you using the VPN IP.

You could use that configuration for the few places you require non-Tor connectivity with a web service. For everything else use a more ideal setup such as Tor or VPN over Tor i.e. anon-whonix -> sys-whonix -> sys-firewall -> sys-net OR anon-whonix -> sys-whonix -> tor-firewall -> VPNproxy -> sys-firewall -> sys-net

I think the above approach is better than messing with remote desktops and firefox running on cloud servers, etc.

Updated the title to a (hopefully) more useful one

1 Like

place that aside, i don’t like whonix developer opinion in this topic

As a tor user when ever I run into a website I can’t access because I am using a tor connection. My solution is simple: Look the website/article up on startpage and you can use their “anonymous view” which is a web proxy to view what ever website that bans tor. Because startpage is tor friendly. They will not only let you search but they will even let you use their web proxy from tor without a fuss. Don’t over complicate it.

1 Like

Seconding LinuxTom’s comment to keep it simple. There are also dedicated web proxy services (google “web proxy”) you can use from within torbrowser. No sys-vpn setup required, no payment info linking you to the proxy/VPN provider, and compatible with privacy-hardened torbrowser (rather than vanilla firefox).

not sure if i should trust them?

As far as I am aware they are a reputable privacy focused search engine but don’t take my word for it. Since you would be accessing start page through tor you should be protected unless you tell them who you are. Any web proxy that will let you access through tor should also work.

Connecting to duckduckgo with the Tor Browser then searching for the target site and then connecting through the returned link still uses the Tor network and registers a tor exit relay on:

1 Like

This is a good use of anonymous view in StartPage, but it doesn’t always work. The wayback machine, https://web.archive.org, can be helpful in these cases.

2 Likes

That is nice to know I haven’t thought of that before. I’ll be sure to keep that in mind the next time I find myself in a pickle.