Tor Bridge Uptime Monitoring: External Checks and Alerting

UptimeRobot (free tier available) monitors TCP ports and sends alerts when they become unreachable. Configure a TCP monitor for your bridge's obfs4 port: add monitor type TCP, enter your bridge IP and obfs4 port, set check interval (5 minutes free tier). When the obfs4 port becomes unreachable, UptimeRobot emails an alert. Setup limitations: UptimeRobot's TCP check verifies TCP connection establishment, not that obfs4 is actually responding correctly. A crashed obfs4proxy leaving the port in a listening state from another process could give a false positive. For more thorough checking, custom scripts that verify the obfs4 handshake are more reliable.

A simple shell script that tests the bridge port and alerts via email or webhook: check_tor_bridge.sh: #!/bin/bash; BRIDGE_IP='your.bridge.ip'; PORT='your_obfs4_port'; if ! nc -z -w 5 $BRIDGE_IP $PORT 2>/dev/null; then echo 'Bridge unreachable' | mail -s 'ALERT: Tor bridge down' admin@example.com; fi. Run via cron every 5 minutes: */5 * * * * /usr/local/bin/check_tor_bridge.sh. More sophisticated: test the Tor control port for bridge status information (requires ControlPort configured in torrc). The Tor Project's tools include stem (Python library for Tor control protocol) which can be used to check bridge status programmatically.

The tor_exporter Prometheus exporter exports Tor relay metrics including bandwidth, circuit counts, and uptime. Install: download tor_exporter binary, configure to scrape Tor's ControlPort. Prometheus scrapes tor_exporter on a configured interval. Grafana visualizes metrics with dashboards. Configure Grafana alerts: alert when bridge has zero circuits for more than 10 minutes (indicates bridge not serving clients), alert when bandwidth drops to near zero for extended periods, alert when Tor process is not running (detected by tor_exporter connection failure). This setup provides comprehensive bridge health monitoring beyond simple port availability.

Configure systemd to send alerts when the Tor service fails to start or crashes. Add to the Tor systemd service unit: [Service]; OnFailure=send-tor-failure-alert@%n.service. Create send-tor-failure-alert@.service: [Service]; Type=oneshot; ExecStart=/usr/local/bin/send_alert.sh 'Tor bridge service failed: %i'. Create send_alert.sh to send email or Slack webhook notification. Test by temporarily stopping Tor: systemctl stop tor - this should trigger the failure alert. Systemd's OnFailure mechanism provides near-immediate alerting when the service crashes rather than waiting for the next monitoring cycle.

The Tor Project's relay search (metrics.torproject.org/rs.html) shows bridge status as reported to bridge authorities. Search for your bridge fingerprint to see: last seen timestamp, current flags (Running, Guard, etc.), reported bandwidth. If your bridge appears offline in relay search after 24 hours of reported runtime, investigate why it is not publishing to the bridge authority. Nyx is an interactive Tor status monitor (command-line dashboard) that shows real-time bandwidth, circuit count, and connection information for running Tor instances. Use nyx for interactive monitoring during debugging sessions.