Tor Browser is the gold standard for anonymous web browsing. It routes your traffic through three volunteer-operated relays, encrypting it at each hop so no single relay knows both who you are and what you are accessing. But simply downloading Tor Browser is not enough — the default configuration is a starting point, not an endpoint. This guide covers the advanced settings, bridges, and operational practices that make Tor Browser genuinely effective.
Understanding Security Levels
Tor Browser ships with three security presets accessible via the shield icon in the toolbar, or at about:preferences#privacy.
| Level | JavaScript | Other Restrictions |
|---|---|---|
| Standard | Enabled everywhere | None |
| Safer | Disabled on HTTP sites | Some media disabled |
| Safest | Disabled everywhere | SVG, fonts restricted |
Standard is appropriate for light use where you want website functionality while gaining anonymity.
Safer is the practical daily driver for most threat models. JavaScript is blocked on non-HTTPS sites where it is most dangerous. HTTPS sites retain JS for usability.
Safest disables JavaScript universally. Many websites break entirely. This level is appropriate for journalists, activists in high-risk environments, or when accessing sensitive .onion services. At this level, Tor Browser is most resistant to browser fingerprinting and exploit delivery via JavaScript.
Set your level based on your actual threat, not anxiety. Unnecessary restrictions create friction that leads to abandonment.
Disabling JavaScript Per-Site (Safer Level)
At the Safer level, you can whitelist individual sites for JavaScript without globally enabling it. Click the NoScript icon (the S shield) in the toolbar:
- Click the settings icon (gear).
- Find the site you want to permit.
- Set permissions to Custom and enable script.
This approach gives you granular control — permit JS on a news site you need to read while keeping it blocked elsewhere.
Bridges and Pluggable Transports
In countries where Tor is blocked at the network level (China, Iran, Russia, Belarus), the standard Tor connection will fail. Bridges are unlisted Tor relays, and pluggable transports disguise Tor traffic to look like something else.
Getting Bridges
- In-browser: Open Tor Browser’s connection settings and select “Use a bridge.” Built-in options include obfs4, Snowflake, and WebTunnel.
- Email: Send an email to bridges@torproject.org from a Gmail or Riseup address with the message body “get transport obfs4”.
- Web: Visit bridges.torproject.org from an uncensored connection.
obfs4
obfs4 makes Tor traffic appear as random binary data with no identifiable header pattern. It is the most widely used transport and effective against most deep packet inspection (DPI) systems.
Bridge obfs4 192.0.2.10:443 [fingerprint] cert=[base64] iat-mode=0
Add this line in the bridge configuration dialog. You can add multiple bridges for redundancy.
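A malformed bridge line (a truncated cert, a fingerprint with a missing character, placeholders left in) usually just fails to connect without a clear reason, so it helps to check the line before pasting it. The following Python check is an added example, not code from Tor Browser or the Tor Project. It assumes the obfs4 field layout shown above, with a 40-hex-character fingerprint, a cert that decodes to 52 bytes, and iat-mode 0, 1 or 2; the sample values are constructed and do not describe a real bridge.

```python
import base64
import ipaddress
import re

# Layout, as in the example line above:
#   Bridge obfs4 <ip>:<port> <fingerprint> cert=<base64> iat-mode=<n>
FINGERPRINT_RE = re.compile(r"^[0-9A-Fa-f]{40}$")   # 20-byte relay identity in hex

# Constructed sample values (not a real bridge); 192.0.2.10 is the page's example address.
SAMPLE_CERT = base64.b64encode(bytes(range(52))).decode().rstrip("=")
SAMPLE_FPR = "0123456789ABCDEF" * 2 + "01234567"
SAMPLE_LINE = f"Bridge obfs4 192.0.2.10:443 {SAMPLE_FPR} cert={SAMPLE_CERT} iat-mode=0"

def check_obfs4_bridge_line(line):
    """Return a list of problems found in one obfs4 bridge line (empty list = looks OK)."""
    problems = []
    parts = line.split()
    if parts and parts[0].lower() == "bridge":      # the leading keyword is optional
        parts = parts[1:]
    if len(parts) < 3:
        return ["expected: obfs4 <ip>:<port> <fingerprint> cert=... iat-mode=..."]
    transport, addr, fingerprint, *options = parts
    if transport != "obfs4":
        problems.append(f"transport is {transport!r}, not obfs4")
    host, _, port = addr.rpartition(":")
    try:
        ipaddress.ip_address(host.strip("[]"))      # IPv6 is written [addr]:port
    except ValueError:
        problems.append(f"bad IP address {host!r}")
    if not (port.isdecimal() and 0 < int(port) < 65536):
        problems.append(f"bad port {port!r}")
    if not FINGERPRINT_RE.match(fingerprint):
        problems.append("fingerprint is not 40 hex characters")
    opts = dict(o.split("=", 1) for o in options if "=" in o)
    cert = opts.get("cert")
    if cert is None:
        problems.append("missing cert=")
    else:
        try:  # the cert is written without base64 padding, so restore it first
            raw = base64.b64decode(cert + "=" * (-len(cert) % 4), validate=True)
            if len(raw) != 52:                      # 20-byte node ID + 32-byte public key
                problems.append(f"cert decodes to {len(raw)} bytes, expected 52")
        except ValueError:
            problems.append("cert is not valid base64")
    if opts.get("iat-mode") not in {"0", "1", "2"}:
        problems.append("iat-mode must be 0, 1 or 2")
    return problems

if __name__ == "__main__":
    print(check_obfs4_bridge_line(SAMPLE_LINE) or "no problems found")
```

A clean result only means the line is well-formed; it says nothing about whether the bridge is reachable or still running.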
Snowflake
Snowflake uses WebRTC connections through volunteer browser-based proxies. Because WebRTC is used by legitimate applications (video conferencing, etc.), it is difficult to block without collateral damage. Snowflake is the recommended starting point for new users in censored regions — it is built-in and requires no manual bridge address.
WebTunnel
WebTunnel disguises Tor traffic as HTTPS by tunneling through a real HTTPS endpoint. From a network observer’s perspective, you appear to be browsing a regular HTTPS website. This transport handles sophisticated DPI that obfs4 may not defeat.
Navigating .onion Sites
.onion addresses are only accessible through Tor. They provide end-to-end encryption and mutual anonymity — the server’s location is also hidden. Common uses:
- SecureDrop — Whistleblower submission platforms for major news organizations (New York Times, The Guardian, etc.) all operate .onion addresses.
- Tor Project itself — http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion
- DuckDuckGo — https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion
When Tor Browser detects that a site has a .onion equivalent, it shows an Onion Available button in the address bar. Click it to switch to the more private .onion version.
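Long .onion addresses like the two listed above are easy to mistype and easy to imitate with a look-alike, so it is worth checking one before trusting a bookmark or a copied link. The Python check below is an added example, not part of Tor Browser, and goes one step beyond what this section describes: a current (v3) address encodes the service's 32-byte public key, a 2-byte SHA3-256 checksum and a version byte, so a mistyped address fails the checksum. The key used for the self-test is constructed and does not belong to a real service.

```python
import base64
import hashlib
from urllib.parse import urlsplit

VERSION = b"\x03"
CONSTRUCTED_KEY = bytes(range(32))   # constructed 32-byte value, not a real service key

def _checksum(pubkey):
    # First two bytes of SHA3-256(".onion checksum" || pubkey || version)
    return hashlib.sha3_256(b".onion checksum" + pubkey + VERSION).digest()[:2]

def onion_v3_address(pubkey):
    """Encode a 32-byte public key as a v3 .onion hostname."""
    raw = pubkey + _checksum(pubkey) + VERSION
    return base64.b32encode(raw).decode().lower() + ".onion"

def check_onion_v3(url_or_host):
    """Return (ok, reason) for a URL or hostname; subdomain labels are ignored."""
    text = url_or_host if "//" in url_or_host else "//" + url_or_host
    host = urlsplit(text).hostname or ""
    labels = host.rstrip(".").split(".")
    if len(labels) < 2 or labels[-1] != "onion":
        return False, "not a .onion hostname"
    label = labels[-2]
    if len(label) != 56:
        return False, f"label is {len(label)} characters, v3 addresses have 56"
    try:
        raw = base64.b32decode(label.upper())      # 56 base32 characters -> 35 bytes
    except ValueError:
        return False, "label is not valid base32"
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    if version != VERSION:
        return False, "version byte is not 3"
    if checksum != _checksum(pubkey):
        return False, "checksum mismatch (mistyped or altered address)"
    return True, "ok"

if __name__ == "__main__":
    # The two addresses listed in this section.
    for url in (
        "http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion",
        "https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion",
    ):
        print(url, check_onion_v3(url))
```

A passing checksum shows only that the address is well-formed, not that it belongs to the organization you expect, so compare it against a copy published by that organization through a separate channel.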
Circuit Display and New Identity
Click the lock icon in the address bar to see your current Tor circuit: the three relays (Guard, Middle, Exit) used for the active connection. The exit relay is the one that contacts the destination site.
New Circuit for This Site (available from the circuit display) builds a fresh circuit for the current site without restarting the browser or affecting other tabs. Use this if the exit is slow or geographically inconvenient.
New Identity (the broom icon or Ctrl+Shift+U) does more: it closes all tabs, clears all session data, and builds entirely new circuits. Use this when you want to completely compartmentalize activity — treat it as starting a fresh browser session.
What Tor Does NOT Protect Against
Understanding Tor’s limitations is as important as using it:
Browser fingerprinting through behavior. Tor Browser standardizes window size, fonts, and many parameters to make all users look alike. But if you resize the window, install extensions, or log into accounts, you reintroduce uniqueness.
Exit node traffic interception. Traffic between the exit relay and the destination is unencrypted if the site uses plain HTTP. Always prefer HTTPS. The exit relay operator can see your traffic content (not your identity) on HTTP sites.
Correlation attacks. A sophisticated attacker who can observe both your internet connection and the destination site may be able to correlate traffic timing even without breaking Tor’s encryption. This is a nation-state level attack.
Application-level leaks. Opening documents (PDFs, Word files) downloaded via Tor in external applications may cause those applications to make network connections outside Tor. Use Tor Browser’s PDF viewer; avoid opening downloads in outside apps.
JavaScript exploits (at Standard/Safer levels). A malicious site could deliver exploit code via JavaScript that escapes the browser and reveals your real IP. This is why Safest level exists.
Combining Tor Browser with Tails OS
Tails is a live operating system you boot from a USB drive. Every application routes through Tor by default, and the entire system state is wiped on shutdown — nothing persists to disk.
The combination of Tails + Tor Browser provides:
- Amnesic operation — No browsing history, no login sessions, no file artifacts after shutdown
- System-level Tor enforcement — Even if an app tries to bypass Tor, Tails blocks non-Tor connections at the firewall level
- Separate hardware identity — Tails randomizes the MAC address, so the session cannot be linked to your hardware
Download Tails from tails.boum.org and verify the cryptographic signature before writing to USB. For high-stakes situations — investigative journalism, political organizing in authoritarian countries — Tails + Tor Browser is the practical ceiling for browser-based anonymity without specialized hardware.
Practical Operational Tips
- Never log into personal accounts through Tor that you access outside Tor. Even with Tor, the account login de-anonymizes you.
- Use one tab per context. Different tabs in the same Tor session share circuits, which can allow cross-site correlation.
- Do not torrent over Tor. Torrenting bypasses Tor’s proxy and exposes your real IP via BitTorrent’s peer protocol.
- Update regularly. Tor Browser releases security patches frequently. Enable auto-updates or check torproject.org monthly.
Tor Browser, configured carefully, provides meaningful anonymity against most real-world adversaries. The key is understanding what it protects — network-level identity — and what it does not — behavioral and application-level leaks you introduce yourself.