Question

Tor

Can i host a exit Tor node with you?

Thanks

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

DO is not being lazy about TOR. That are lots of “low-cost” providers who explicitly mention that TOR exits are not allowed in their AUP. These are the ones who are being lazy. Running exit nodes require knowledge and responsibility so the answer to this question cannot be a simple yes or no.

I found a handful of DigitalOcean IP addresses in the TOR directory marked as “Exit” and a dozen others who are operating non-exit relays. So you too can run one with proper precautions.

I strongly recommend running a non-exit node for a couple of months so that you know how much resources are being consumed and also to get yourself familiar with the configuration directives of torrc file.

Before moving to an exit node read all the following resources carefully.

In running a Tor server, the user is acting as an ISP.

Yes the user is only “acting” they are not a real ISP which is why they are responsible for their actions just like how a VM acting as a dedicated server is responsible for saturation of its host’s resources.

The response (via the TOS) strikes me as lazy. <br> <br>As an ISP, your upstream provider understands that you are not liable for us (your subusers). The law (DMCA) specifically protects ISPs from garbage that originates from it’s subusers (Safe Harbor Provision). <br> <br>Your only required action upon receiving an abuse complaint is to forward it to the droplet operator. If a response isn’t received, you are obligated (in some circumstances) to block the content. <br> <br>I am paraphrasing, but your subuser policy sounds like this: <br> <br>“As an ISP I relay on the Safe Harbor provisions of the DMCA to insulate me from my sub-users. Otherwise my business model wouldn’t exist. My users cannot excercise the same provisions (for which they are probably eligible) unless I am not bothered in any way. If anyone (anyone at all, on the internet, with spurious poof) complains, I will shut down my customers instead of forwarding the emails”. <br> <br>I get that you are running a business, but instead of proactively alienating customers… why not back your customers first? Is opening a ticket for each abuse email (copy&paste) and turning off droplets that don’t respond in a timely manner really that hard? It sounds like a cron job to me…

I don’t think there will be much of any complaints if you just allow ports 80 and 443 (the http and ssl ports). I think if you allow everything, then it could be a potential issue, although those laws you cited are a good point and I’m not familiar with them, so I can’t say how digitalocean would be affected. Still, ports 80 and 443 are pretty much the only ports most people need, other than for gaming or programmy stuff. Just remember those complaints will be against you specifically. If you want to help, running a relay is pretty helpful, too, and promoting the use of the actual VPN is pretty good as well (you can run a site on the network without an exit node).