Tor over VPN: is it useful if you're not a whistleblower?
Our in-house cybersecurity experts and journalists, renowned for major reports like The Mother of All Breaches, conduct transparent, unbiased VPN testing and in-depth analysis.
With 750+ articles crafted based on real-world research, we empower readers to make informed purchasing decisions through first-hand expertise.
Learn more
Think of online privacy as locking your front door: one lock helps, but sometimes you want a second one. Tor over VPN is a method that uses two such locks: a VPN and the Tor network. First, the VPN hides your IP address and encrypts your traffic. Then, Tor sends your connection through several random servers, making it much harder to trace. This setup can be useful if you want extra privacy or don’t want your internet provider to know you’re using Tor.
Below, you’ll find everything you need to know about Tor over VPN. I will also recommend the 5 best Tor VPNs based on testing I’ve done with our research team.
Tor and VPN
It's impossible to explain how Onion over VPN works without touching on how each component works separately. Many people who are looking for anonymity indeed usually use just one of them. As with everything, there are benefits as well as drawbacks.
What is a VPN?
A VPN is a virtual private network, a technology that routes your connection through an intermediary server. The connection between your device and the server is encrypted, making your connection impossible to intercept from the outside. It also disguises your real IP address with that of a VPN server.
You can set up a VPN server yourself or buy a subscription from a VPN service provider. The latter allows you to connect to large server fleets with the possibility to pick almost any country in the world. Thus, disguising your IP and making it seem as if you're connecting from a different country.
What is Tor?
Tor is an abbreviation of The Onion Router. It can mean either the Tor networking system or the Tor browser. The networking system operates on an open network that anyone can join. It works by routing and encrypting connections through several other users' computers. Each such re-routing point is known as a relay or node, and it receives and sends the data forward. By default, Tor uses at least three relays between your device and the final connection, hiding your IP address behind several layers and encrypting the data.
How does Tor or Onion over VPN work?
Onion over VPN combines the encryption of the VPN between your device and the server. Plus, it adds several Tor relays between the VPN server and the final network destination. It greatly extends the intermediaries in between the server you're contacting and your device:
- You connect to a VPN server, which encrypts your connection and hides your real IP address.
- The request is then sent through a minimum of three relays to reach the intended destination.
Suppose someone wanted to trace back the connection to the source – that would be almost impossible to do. Especially if you're using a no-logs VPN service that you paid for anonymously.
Best VPNs for Tor
- NordVPN – best VPN for safe Tor browsing
- Surfshark – great low-cost VPN for Tor
- IPVanish – secure Tor VPN for everyone
- ExpressVPN – security-focused Tor VPN
- CyberGhost – fast VPN for online browsing
📢 LIMITED OFFER: Get NordVPN, only now 75% OFF!
We've selected some of the best VPNs for the Tor browser. If you want to make your trips to the dark web safer, these will prove to be invaluable allies. Some of them have Onion over VPN functionality built in, which makes your setup even easier. Regardless of which one you end up choosing, you can have several layers worth of protection with each of these VPNs and Tor.
1. NordVPN – best VPN choice for browsing on Tor
| Based in: | Panama |
| Simultaneous connections: | 10 |
| Servers/countries: | Servers in 149 locations |
| Current deal: | Get 75% OFF NordVPN + 3 months free |
NordVPN is one of the safest VPNs that money can buy. It also works perfectly with the Tor browser. Onion Over VPN functionality is built in, meaning that you'll only need to choose this server type and connect to enjoy all the anonymity benefits.
There are a lot of other useful features like the NordLynx tunneling protocol and split tunneling. So, you will be getting top speeds and have good control of the app itself. As Tor connections are generally very slow, starting with a fast VPN gives you a good head start. You can get this VPN for $3.49/month or even cheaper with one of our NordVPN discounts.
For more NordVPN features, see our NordVPN review.
2. Surfshark – affordable VPN for Tor browsing
| Based in: | The Netherlands |
| Simultaneous connections: | Unlimited |
| Servers/countries: | 4,500+ servers in 100 countries |
| Current deal: | Now up to 85% OFF Surfshark + 3 months FREE |
Surfshark is one of the most affordable Tor VPNs. This provider can contribute to the cause if surfing with the Tor browser is something you're looking for. Not only does it allow you to switch between three different types of encryption, but it also supports the WireGuard tunneling protocol.
Speed-wise, the service is one of the fastest. It has also recently introduced the Dausos protocol, which is supposed to deliver 30% faster speeds. It should really help you if you don't want to lose speed when you're connected through the Tor browser. It doesn't hurt that the service is also one of the cheapest – prices start from $2.49/month. Overall, you're getting a superb value package if you catch one of the Surfshark deals.
For more information, read our Surfshark VPN review.
3. IPVanish – excellent Tor VPN for secure browsing
| Based in: | United States |
| Simultaneous connections: | Unlimited |
| Servers/countries: | 3,400+ servers in 112 countries |
| Current deal: | Now up to 83% OFF IPVanish |
IPVanish is another great VPN option for surfing on the Tor browser. It supports unlimited simultaneous connections and uses OpenVPN Scramble for obfuscation. So, you can install it on all of your devices, and no one will know you’re using a VPN for additional protection.
In terms of security, you also get a reliable kill switch, a split tunneling feature, and robust AES-256 encryption – all of which add an extra layer of protection when using the Tor browser. The subscription prices start from $2.19/month. Just keep in mind that you can get discounts with our IPVanish coupons.
Find out more about this provider in our detailed IPVanish review.
4. ExpressVPN – secure VPN for Tor browsing
| Based in: | British Virgin Islands |
| Simultaneous connections: | 14 |
| Servers/countries: | Undisclosed number of servers in 105 countries |
| Current deal: | Now up to 80% OFF ExpressVPN + 4 months FREE |
With plenty of security features, ExpressVPN is a great way to protect yourself on the Tor browser. For starters, you get to enjoy obfuscated servers, which hide the fact that you’re using a VPN in the first place. Plus, you get the market-standard yet unbreakable AES encryption.
ExpressVPN has a kill switch for data leak prevention. If the VPN connection drops, your internet connection will be temporarily shut down. You can even make use of the threat manager that blocks malicious activity. All of this comes from $2.49/month, and you get to connect up to 14 devices.
To learn more, read our full ExpressVPN review.
5. CyberGhost – fast VPN for browsing on Tor
| Based in: | Romania |
| Simultaneous connections: | 7 |
| Servers/countries: | Undisclosed number of servers in 100 countries |
| Current deal: | Get 88% OFF CyberGhost + 2 months FREE |
CyberGhost is a solid VPN solution for Tor browsing that won’t slow down your device while also keeping you private. Thanks to its WireGuard protocol implementation, you’ll get good speeds. Plus, CyberGhost has servers in 100 countries – plenty to find some with optimal performance.
In terms of security, you get an automatic kill switch for data leak prevention. There are also NoSpy servers in Romania with advanced privacy measures that are fully managed by this provider. You can get CyberGhost for as little as $1.59/month and connect up to 7 devices.
Find out more in our CyberGhost review.
Is Onion over VPN safe?
The major vulnerabilities in such a network configuration can fall on the separate intermediaries: either the VPN or the Onion network.
Regarding VPNs, not all of them are made equal. You have to be sure that the service is a no-logs VPN service. Don't take the provider's word for it. Records of refusal to collaborate with law enforcement and third-party audits can essentially prove whether you can trust a service. If the VPN keeps your logs, its privacy claims are invalidated, and it's one of the potential threats to your anonymity.
Talking about the Onion network, the biggest downside is that it's community-based, and everyone can set up a Tor node. It means that there are some rogue nodes managed by malicious hackers that can potentially be spying on you. It isn't standard practice to de-anonymize your connection. Mostly, it requires a level of funding only available to national governments. However, Tor deanonymization attacks have been successfully conducted in practise.
When using Onion in tandem with a VPN, the best part is that your anonymity rests on two entities that are separate from each other. Even if there are risks and potential points of failure, the chain is longer, and there are more added safety measures than you would get if you used the service on its own. Plus, the VPN also encrypts some of the internet traffic that Tor doesn't encrypt, for example, ICMP. Plus, if you're using just the Tor network, your ISP can tell that you're using it. With a VPN, it becomes impossible to tell.
Do you need a VPN for Tor?
You can use the Tor browser or set up the connection so that all your traffic goes through its servers. Your traffic is encrypted, but your ISP can still see that you're connecting to Tor. Plus, the first Tor node that you connect to can see your real IP address.
A VPN isn't a requirement to use Tor, but it helps a lot. It encrypts your whole traffic, masking it from the ISP. In short, it's much safer to use Tor with a VPN.
Not all VPNs offer Tor features in their product. Out of the options we tested, NordVPN had the best overall functionality, and it includes a solid 30-day money-back guarantee, so you can see it for yourself with no risk involved.
Try NordVPNPros and cons of using Onion over VPN
If you wonder what the advantages and disadvantages of using Onion over VPN are, here is a detailed list:
| Pros | Cons |
| Multiple layers of encryption | Your speeds will be very slow due to the longer chain of intermediary servers |
| Even if the Tor network is compromised, your real IP remains unknown | Tor exit nodes can get blocked at random times, cutting off your connection |
| VPN features like a kill switch remain in place, protecting you while you browse | |
| Many ISPs block the Tor network altogether, so the only way to access it is via a VPN | |
| Neither the ISP nor VPN provider can see what you're doing |
How to use Tor over VPN
Using Onion over VPN is simple. You'll need a VPN service and the Tor browser. However, in most cases, you'll likely be using the Tor browser. Here's how you can do it:
- Sign up for a VPN service, like NordVPN, which is now 75% OFF. Anonymous payment options are your friends, and generally, you want to leave as little personally identifiable information as possible.
- Download and install the VPN client on your device.
- Once you do, connect to whichever server gives you the best speeds.
- Download and install the Tor Browser. Launch the browser and connect to the Tor network.
- Start surfing on the Tor browser.
Your browser connection is now under two sources of encryption: the VPN and the Tor browser.
VPNs with built-in Onion over VPN feature
There are only a few VPNs that integrate Tor functionalities into their services. The leader in this area is NordVPN, which has a built-in Onion over VPN feature. You don't have to add additional configuration to use it. The setup is pre-configured so that you can browse anonymously from the get-go and without the Tor browser or Tortilla.
Onion over VPN vs double VPN
Keep in mind that if you want to remain anonymous, Onion over VPN is far from the only solution. Tor isn't the only method to interconnect several secure connections. It's also possible to use several VPNs. That way, your traffic is routed through several servers, and your traffic is encrypted twice.
Different VPN providers that have this built-in feature name it differently. It can be called multi-hop, double VPN, nested VPN, or other. There is also the option to try and set it up yourself by setting up a VPN on your router and then also connecting to a VPN server on your device. It can also be done with virtual machines where the host takes up the role of the router.
Should I use Tor bridges instead of a VPN?
When using the Tor network, you have an option to connect via Tor bridges. Bridges work in a similar way to relays, but they aren't public and don't appear in the main Tor directory. However, finding one can be a pain. You could set one up yourself, but this isn't easy. Otherwise, it's already public if you've found it, which also means that it can be blocked.
Tor bridges can add more flexibility to your browsing experience. There are particular variants of them, for example, obfuscated Tor bridges that can be useful when accessing restricted content. Your ISP, in most cases, cannot block private Tor bridges.
Bottom line
Tor over VPN may seem like an overkill. However, relying on just VPN or just Tor may not be enough if you're a journalist or political activist under an oppressive regime. With only the VPN, you're trusting your service provider with the entirety of your data. With only Tor, the encryption might not be sufficient, plus the communal nature of Tor puts too much trust in every node to be trustworthy, which isn't always the case.
However, when these services are used in conjunction, Onion over VPN is one of the most secure solutions that should be sufficient for whistleblowers and activists. My top recommendation for a reliable Tor VPN is NordVPN.
FAQ
Do you need a VPN for Tor?
No, you don't need to use a VPN for Tor. It will work without it. However, using it decreases the chance of being exposed during your trips to the dark web.
Can you use Tor for normal browsing?
Yes, most common websites have a Tor version. This applies even to sites like Facebook. However, the connection will be so slow that you should use a VPN for normal browsing, which will allow you to use the standard versions with better connection speeds.
How do I know if my Tor is working?
If you know your regular IP address, it’s easy to check what is shown when you’re connected with Tor. If the address doesn’t match your regular IP address, then you can be sure that your address has changed.
Is it dangerous to download Tor?
Tor has many legitimate uses. There are dark web boards used by activists and journalists. So, you shouldn’t be afraid of the tool. However, in some countries, using Tor is illegal, and it can be dangerous to download and use Tor if that's the case for you.
