Black Friday

5 Best VPNs when using Tor

Douglas Crawford

Douglas Crawford

February 2, 2016

Although in many ways very different, both VPNs and the Tor anonymity network use encrypted proxy connections in order to hide users’ identities (VPN is useful for much more than this, but privacy is a core feature of the technology).

  • VPN is faster than Tor, and is suitable for P2P downloading. The major downside (and reason VPN is said to provide privacy rather than anonymity) is that it requires you trust your VPN provider. This is because, should it wish to (or is compelled to), your VPN provider can “see” what you get up to on the internet. VPN also allows you to easily spoof your geographic location.
  • Tor is much slower, is often blocked by websites, and is not suitable for P2P, but it does not require that you trust anybody, and is therefore much more truly anonymous.

The cool thing is that VPN and Tor can be used together in order provide an extra layer of security, and to mitigate some of the drawbacks of using either technology exclusively.

The main downside of doing this is that using both VPN and Tor together combines the speed hit of both technologies, making connecting in this way secure… but slow.

It is also important to understand the difference between connecting to Tor through VPN and connecting to VPN through Tor. We discuss this in detail later in this article.

Best VPNs when using Tor Summary

Rank Company Score Price Link
AirVPN review
$4.82 / monthVisit Site
BolehVPN review
$6.67 / monthVisit Site
NordVPN review
$3.29 / monthVisit Site
Privatoria review
$2.74 / monthVisit Site
TorVPN review
$0.67 / monthVisit Site
Editor's Choice Award




Best VPNs for TOR

  • ProsPROS
  • No logs at all
  • VPN through Tor
  • Transparent service
  • Accepts Bitcoin
  • P2P: yes
  • ConsCONS
  • Techiness does put people off
  • Customer support could be better
  • Limited number of servers worldwide

This Italian provider offers among the best security and anti-censorship technology available on the web, allowing both SSH and SSL tunneling to evade government blocks. Add in no logs, some of the strongest encryption around, and a Windows, Mac OSX and Linux client with built-in DNS leak protection and kill switch, and AirVPN should be on the top of every privacy fanatic’s wish list.

In keeping with its usual technical excellence, AirVPN is one of the only two VPN providers I know of to offer VPN through Tor (plus it provides instructions for connecting Tor through VPN using the Tor Browser). The main problem with AirVPN is that its service is definitely aimed at techies, which despite initial interest does appear to put many of our readers off.

Additional features: Real-time user and server statistics, VPN through SSL and SSH tunnels, very reliable, open source client with internet kill switch and DNS leak protection, 3-day free trial, dynamic port forwarding, 3 simultaneous connections

Best for VPN through Tor!

Visit AirVPN »

3-day free trial (on request)

2nd place



BolehVPN Logo

  • ProsPROS
  • No logs at all
  • VPN through Tor
  • Client with VPN kills switch and DNS leak protection
  • Accepts Bitcoin
  • SmartDNS included
  • ConsCONS
  • Could be more user-friendly

Based at an off-shore location somewhere off Malaysian coast, this provider offers ‘xCloak’ servers designed bypass government censorship. BolehVPN has a logs at all policy, that it now uses excellent encryption, allows P2P downloading, and has great connection speeds. The Windows and OSX client is also very funky, and features a VPN kill switch and DNS leak protection. The fact that BolehVPN throws in a SmartDNS services for free is also great.

Like AirVPN, BolehVPN offers VPN over Tor, allowing for true anonymity while online, and provides instructions for connecting Tor through VPN using the Tor Browser. Also like AirVPN, it is a little consumer-unfriendly and assumes a level of technical know-how from users that may not be to everyone’s tastes.

Additional features: P2P: yes, 2 simultaneous connections, “xCloak” servers.

Visit BolehVPN »

3rd place



NordVPN Logo

  • ProsPROS
  • No logs
  • Based in Panama
  • Accepts Bitcoin payment
  • Tor over VPN
  • 2 simultaneous connections
  • ConsCONS
  • Can be very slow

Based in Panama, NordVPN has a ‘no logs at all’ policy, uses strong encryption, and accepts anonymous payment using Bitcoin. It also supports Tor through VPN via one of its OpenVPN configuration file. The main advantage of this over simply using the Tor browser with the VPN connected is that all your internet traffic is routed Tor through VPN rather than just that of the Tor Browser.

Although it scores very well in terms of privacy and security, NordVPN is somewhat let down by poor speed performance, which is a shame, as it is otherwise a very good service.

Visit NordVPN »

4th place



Privatoria Logo

  • ProsPROS
  • No logs
  • Tor through VPN
  • Accepts Bitcoin
  • Android app
  • Cheap
  • ConsCONS
  • Slow
  • No custom desktop client

This Czech-based provider is notable for being very wallet-friendly, but is otherwise fairly barebones (for example it has no custom desktop VPN client, although it does have a promising Android app with secure email and chat built-in). Privatoria’s speed performance is a little underwhelming, but it makes up for this somewhat by keeping no logs and accepting Bitcoin payments (and did I mention that it’s cheap!) Like NordVPN, Privatoria lets you route your entire internet connection Tor through VPN via an .ovpn configuration file.

Additional features: 3 simultaneous connections, P2P: yes (on most servers).

Visit Privatoria »

5th place



TorVPN Logo

  • ProsPROS
  • Tor through VPN
  • Tor “hybrid mode” (insecure)
  • Cheap
  • Strong encryption
  • Dynamic port forwarding
  • ConsCONS
  • Based in UK (legally)
  • Extensive connection logs
  • P2P: no
  • No custom software

Although it operates out of Hungary, TorVPN is based in the UK, and is therefore required to keep quite extensive connection logs.  It does, however, use excellent encryption, and is very cheap. Interestingly, in addition to offering “regular” Tor through VPN (similar to NordVPN and Privatoria), TorVPN offers a hybrid node that allows you to access .onion websites using its own Tor DNS server. Even TorVPN, however, freely admits this is very insecure!

Visit TorVPN »


As we can see above, there are two main ways to go about using VPN and Tor together. You can connect to your VPN then route the connection through the Tor network (Tor through VPN), or you can connect to the Tor network before routing your connection through your VPN.

Tor through VPN

In this configuration you connect first to your VPN server, and then to the Tor network before accessing the internet:

Your computer -> VPN -> Tor -> internet

Although some of the providers listed above offer to make such a setup easy, this is also  what happens when you use the Tor Browser or Whonix (for maximum security) while connected to a VPN server, and means that your apparent IP on the internet is that of the Tor exit node.


  • Your ISP will not know that you are using Tor (although it can know that you are using VPN)
  • The Tor entry node will not see your true IP address, but the IP address of the VPN server. If you use a good no-logs provider this can provide a meaningful additional layer of security
  • Allows access to Tor hidden services (.onion websites).


  • Your VPN provider knows your real IP address
  • No protection from malicious Tor exit nodes. Non-SSL traffic entering and leaving Tor exit nodes is unencrypted and could be monitored
  • Tor exit nodes are often blocked
  • We should note that using a Tor bridge such as Obfsproxy can also be effective at hiding Tor use from your ISP (although a determined ISP could in theory use deep packet inspection to detect Tor traffic).

Important note: NordVPN, Privatoria and TorVPN offer VPN through Tor via an OpenVPN configuration file (which transparently routes your data from OpenVPN to the Tor network). This means that your entire internet connection benefits from Tor through VPN.

Please be aware, however, that this is nowhere near as secure as using the Tor browser, where Tor encryption is performed by the Tor servers, and not on your desktop (as is the case with transparent proxies).  It is also possible that with transparent proxies your provider could intercept traffic before it is encrypted by the Tor servers.

For maximum security when using Tor through VPN you should always use the Tor browser.

VPN through Tor

This involves connecting first to Tor, and then through a VPN server to the internet:

Your computer -> encrypt with VPN -> Tor -> VPN -> internet

This setup requires you to configure your VPN client to work with Tor, and the only VPN providers we know of to support this are AirVPN and BolehVPN. Your apparent IP on the internet is that of the VPN server.


  • Because you connect to the VPN server through Tor, the VPN provider cannot ‘see’ your real IP address – only that of the Tor exit node. When combined with an anonymous payment method (such as properly mixed Bitcoins) made anonymously over Tor, this means the VPN provider has no way of identifying you, even if it did keep logs
  • Protection from malicious Tor exit nodes, as data is encrypted by the VPN client before entering (and exiting) the Tor network (although the data is encrypted, your ISP will be able to see that it is heading towards a Tor node)
  • Bypasses any blocks on Tor exit nodes
  • Allows you to choose server location (great for geo-spoofing)
  • All internet traffic is routed through Tor (even by programs that do not usually support it).


  • Your VPN provider can see your internet traffic (but has no way to connect it to you)
  • Slightly more vulnerable to global end-to-end timing attack as a fixed point in the chain exists (the VPN provider).

This configuration is usually regarded as more secure since it allows you to maintain complete (and true) anonymity.  Remember that to maintain anonymity it is vital to always connect to the VPN through Tor (if using AirVPN or BolehVPN this is performed automatically once the client has been correctly configured). The same holds true when making payments or logging into a web-based user account.

Malicious exit nodes

When using Tor, the last exit node in the chain between your computer and open internet is called an exit node. Traffic to or from the open internet (Bob in the diagram below) exits and enters this node unencrypted. Unless some additional form of encryption is used (such as HTTPS), this means that anyone running the exit node can spy on users’ internet traffic.

Tor-onion-network exit node

This is not usually a huge problem, as a user’s identity is hidden by the 2 or more additional nodes that traffic passes through on its way to and from the exit node. If the unencrypted traffic contains personally identifiable information, however, this can be seen by the entity running the exit node.

Such nodes are referred to as malicious exit nodes, and have also been known to redirect users to fake websites.

SSL connections are encrypted, so if you connect to an SSL secured website (https://) your data will be secure, even it passes through a malicious exit node.

bestvpn https

End-to-end timing attacks

This is a technique used to de-anonymize VPN and Tor users by correlating the time they were connected to the timing of otherwise anonymous behavior on the internet.

An incident where a Harvard bomb-threat idiot got caught while using Tor is a great example of this form of de-anonymization attack in action, but it is worth noting that the culprit was only caught because he connected to Tor through the Harvard campus WiFi network.

On a global scale, pulling off a successful e2e attack against a Tor user would be a monumental undertaking, but possibly not impossible for the likes of the NSA, who are suspected of running a high percentage of all the world public Tor exit nodes.

If such an attack (or other de-anonymization tactic) is made against you while using Tor, then using VPN as well will provide an additional layer of security.

So which is better?

VPN through Tor is usually considered more secure because (if the correct precautions are taken) it allows true anonymity – not even your VPN provider knows who you are. It also provides protection against malicious Tor exit nodes, and allows you to evade censorship via blocks on Tor exit nodes.

You should be aware, however, that if an adversary can compromise your VPN provider, then it controls one end of the Tor chain. Over time, this may allow the adversary to pull off an end-to-end timing or other de-anonymization attack. Any such attack would be very hard to perform, and if the provider keeps logs it cannot be performed retrospectively, but this is a point the Edward Snowden’s of the world should consider.

Tor through VPN means that your VPN provider knows who you are, although as with VPN through Tor, using a trustworthy provider who keeps no logs will provide a great deal of retrospective protection.

Tor through VPN provides no protection against malicious exit nodes and is still subject to censorship measures that target Tor users, but does mean that your VPN provider cannot see your internet traffic content…


Whichever configuration you choose, combining VPN and Tor will improve your privacy and security, and goes some way towards addressing weakness in using either technology as a stand-alone solution.

I do, however, encourage any user who requires a very high level of security to carefully weigh up the pros and cons of each setup in relation to their particular needs. Under most circumstances, for example, using VPN through Tor provides almost perfect anonymity, but the fact that the VPN acts as a fixed end-point for Tor does mean that under some circumstances such a setup could potentially become a liability.

It is also worth remembering that any VPN user can run Tor through VPN simply by running the Tor Browser after their VPN connection has been established (and this is more secure than using the transparent proxy method offered  by NordVPN, Privatoria and TorVPN).

Best VPNs when using Tor Summary

Rank Company Score Price Link
AirVPN review
$4.82 / month Visit Site
BolehVPN review
$6.67 / month Visit Site
NordVPN review
$3.29 / month Visit Site
Privatoria review
$2.74 / month Visit Site
TorVPN review
$0.67 / month Visit Site
Douglas Crawford

I am a freelance writer, technology enthusiast, and lover of life who enjoys spinning words and sharing knowledge for a living. You can now follow me on Twitter - @douglasjcrawf.

15 responses to “5 Best VPNs when using Tor

  1. Hello. This article provides some really nice, easy to understand, information and I thank you for that. I did have a couple of comments.

    I believe the phrase “VPN through Tor provides no protection against malicious exit nodes”, in the paragraph before the Conclusion (Tor through VPN), is a typo as you say the exact opposite in your description “VPN through Tor”.

    Also, in the graphic describing “How Tor Works” you describe exit node behavior as “enters and exits this node unencrypted” but show the entry as a green arrow (encrypted) instead of a red arrow (unencrypted).

    I only bothered to write this because I think this is article provides some really nice info in a non-technical way, not to criticize. Thank you.

    1. Hi Mike,

      – You are correct, it should have been the other way around (now corrected). I did get myself a little muddled when first writing this article, but I believe everything is now correct.

      – Ah. What I mean is that traffic enters and exits the exit node from the internet unencrypted. I agree that this sentence could be clearer, and have now modified it.

      Thank you for your input. I want all my articles as to be as accurate and clear as possible, so I welcome this kind of feedback.

  2. I was planning on using PIA (Private internet access) for my vpn. As well I wanted to use Tor, but it’s not listed as one of the Vpn’s that it can be used with
    Am I reading it wrong or am I not able to use Tor with PIA?

    1. Hi Dave,

      Any VPN (including PIA) can be used in Tor through VPN configuration simply by connecting to the VPN, then accessing the web using the Tor Browser. As discussed in this article, some services offer Tor through VPN routing, although I do not consider this nearly as secure as the method just mentioned. The only VPN services to support VPN through Tor are AirVPN and BolehVPN.

      1. Thanks for the reply
        I had sent PIA an email asking if Tor can be used and this was the response. They make it sound like you shouldn’t do it…

        Thanks for contacting PIA support. I’m sorry about the issue that you are experiencing.

        Having more than one VPN and/or proxy very likely will result in a reduction in privacy and possible security leaks as well as possible connection issues.

        The VPN by itself is encrypting the data to and from your device. When you add an additional VPN or proxy it tries to encrypt the encryption and then doesn’t allow the first connection to perform as it should.

        While trying to use our VPN and get it stable, please remove any other proxy and VPN connections from your system as we can’t offer any troubleshooting support while these additional connections are in place.

        Please let us know how can we further assist you.

        Toshy M.
        Technical Support Specialist
        Private Internet Access™

        1. Hi Dave,

          I would say that this is a very unsatisfactory response, and that Toshy M. failed to engage with or understand the question. Using Tor and VPN together brings the advantages and disadvantages outlined in this article. One thing that he is right about is that such a connection will be less stable as there are increased points of failure.

      1. Hi TE,

        As discussed in this article, using Tor plus a VPN is a very good way to stay hidden on the internet.

    1. Hi Guy,

      VPNs are usually much faster that Tor, although if using both together you get the combined speed hit.

Leave a Reply

Your email address will not be published. Required fields are marked *

Your Information will never be shared with any third party.
Enter your email address to receive your Beginner's Guide to Online Security for Free
You'll also receive great privacy news and exclusive software deals!
Enter your email to get the ebook:
Your Information will never be shared with any third party.
Enter your email address to receive your Ultimate Online Privacy Guide eBook!
You'll also receive great privacy news and exclusive software deals!
Enter your email to get the eBook:
Special VPN Deal
Exclusive Offer
Get a Special Deal - 72% OFF!
With a biannual subscription
Exclusive Offer for Visitors!
50% Off Annual Plan
Limited Time Only
Exclusive price of
Exclusive Offer
Get NordVPN for only