A recent change to GitLab.com is now effectively blocking all Tor users. GitLab is blocking all IP addresses sourced from "local addresses" and Cloudflare's onion service is presenting almost-all Tor users under a local IPv6 address. More information on [Cloudflare's blog post for their onion services](https://blog.cloudflare.com/cloudflare-onion-service/). Blocked address example. `Your IP address: 2405:8100:8000:5ca1::226:9a52` The IPv6 range `2405:8100:8000::` is used by Cloudflare representing Tor users whose browsers have accepted their onion-service alt-svc header. Any GitLab instances running as onion services with `HiddenServiceExportCircuitID` enabled will see the range `fc00:dead:beef:4dad::` instead. Both ranges should be whitelisted. A workaround for users in the meantime is to temporarily significantly weaken their anonymity by disabling altsvc in their browser. `network.http.altsvc.enabled = false`. However under this configuration, Cloudflare is very likely to block other requests due to the aggregation of millions of Tor users under only a few thousand exit relays as this "looks bad" to naive traffic analysis.