From an average of significantly below 500k to almost 2.5M users. This drives up the global number of connecting users from approx. 3M to almost 5M.

Hard to imagine that so many people in Germany suddenly switched to TOR, especially since there has not been any significant event lately that may have triggered such a decision (afaik)?

My personal experience with TOR (as an administrator of various websites and services) is that it is a major source of unwanted/malicious traffic (spam, etc.) and most of it is automated. The big increase is probably not users but bots?

I faced a recent distributed attack averaging 20,000 RPS[1] around the same time which makes me think that there might be a bot. I wonder if there’s a network of website operators similar to NANOG or the RIPE NCC mailing lists where I could compare my own experience with those of other operators.

[1] https://news.ycombinator.com/item?id=36561930

Why not CAPTCHA protect these pages instead of blocking tor? Same attack can go through regular web.

I already have per-IP ratelimiting, and I'm against using captchas have bad UX (including the much-hailed Turnstile).

I'll probably migrate to some proof-of-work based schemes and some algorithms to detect anomalous requests, but it would require some engineering work on my part (for a free website FWIW), and the quickest way to mitigate it would be to block Tor.

>I'll probably migrate to some proof-of-work based schemes and some algorithms to detect anomalous requests, but it would require some engineering work on my part

Have you tried mcaptcha? https://github.com/mCaptcha/mCaptcha