Hi Guys,
We use geofencing to limit the surface of bad actors but naturally they can terminate VPN tunnels within the UK. Is there a way to prevent VPN tunnels as I know Fastly can identify ToR browsers from fingerprinting?
Any guidance is welcome 
Chris
There really isn’t any way for a CDN to know that an incoming connection passed through a VPN on the way; the only thing which might be possible is to block IP ranges or ASes which are known to be owned by VPN service providers, but that could easily block legitimate traffic as well. It also wouldn’t address users who implement their own VPNs.
Fingerprinting at the application level (like the browser) is capable of doing much more than fingerprinting at the IP level.
Thanks for the reply. I did kinda expect this response as I new blocking a list of IP’s (which is like playing whackamole) is the only option and then it’s fingerprinting. Even with the latter we’d need to identify the traffic too.
Thanks for assisting
You can use something like visitorquery.com but a js needs to be loaded on the client.