diff --git a/drama/routes/comments.py b/drama/routes/comments.py index e6936608f..e068f0c11 100644 --- a/drama/routes/comments.py +++ b/drama/routes/comments.py @@ -312,7 +312,7 @@ def api_comment(v): ) g.db.add(c) g.db.flush() - if request.files.get("file"): + if request.files.get("file") and request.headers.get("cf-ipcountry") != "T1": file=request.files["file"] if not file.content_type.startswith('image/'): return jsonify({"error": "That wasn't an image!"}), 400 @@ -660,7 +660,7 @@ def edit_comment(cid, v): g.db.commit() return {"error": "Too much spam!"}, 403 - if request.files.get("file"): + if request.files.get("file") and request.headers.get("cf-ipcountry") != "T1": file=request.files["file"] if not file.content_type.startswith('image/'): return {"error": "That wasn't an image!"}, 400 diff --git a/drama/routes/posts.py b/drama/routes/posts.py index 92fac5b45..b87fd467f 100644 --- a/drama/routes/posts.py +++ b/drama/routes/posts.py @@ -803,7 +803,7 @@ def submit_post(v): g.db.refresh(new_post) # check for uploaded image - if request.files.get('file'): + if request.files.get('file') and request.headers.get("cf-ipcountry") != "T1": #check file size if request.content_length > 16 * 1024 * 1024: @@ -816,7 +816,6 @@ def submit_post(v): else: return render_template("submit.html", v=v, error=f"Image files only.", title=title, body=request.form.get("body", "")), 400 - name = f'post/{new_post.id}/{secrets.token_urlsafe(8)}' new_post.url = upload_file(file) new_post.domain_ref = 1 # id of i.ruqqus.ga domain g.db.add(new_post) diff --git a/drama/routes/settings.py b/drama/routes/settings.py index 99d1154d9..f314e7cb0 100644 --- a/drama/routes/settings.py +++ b/drama/routes/settings.py 
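Review bot: The new condition `request.headers.get("cf-ipcountry") != "T1"` in `api_comment` fails open: a request that arrives without that header, or with any other value, is treated as non-Tor and the upload proceeds. The header is presumably injected by Cloudflare, so the check is only as strong as the guarantee that the origin accepts traffic from Cloudflare alone and that the header is always set there; neither is visible in this diff. The same expression is repeated in `edit_comment`, `submit_post`, `settings_images_profile` and `settings_images_banner`, so I would move it into one helper, e.g. `def is_tor_request(): return request.headers.get("cf-ipcountry") == "T1"`, with a comment stating that assumption. `api_comment` starts and ends outside the hunk.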
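Review bot: Folding the Tor test into `if request.files.get("file") and ...` in `edit_comment` makes the upload disappear silently: a Tor user who attaches a file gets no error, and as far as the hunk shows the edit carries on without the image. `api_comment` and `submit_post` behave the same way, while the two handlers in `settings.py` reject with an explicit 403 and a message. For consistent behaviour, reject up front here too, e.g. `if request.files.get("file") and request.headers.get("cf-ipcountry") == "T1": return {"error": "Image uploads are not allowed through TOR."}, 403`. The rest of `edit_comment` is outside the hunk, so check what has already been written to the session before that return.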
@@ -331,6 +331,7 @@ def settings_images_profile(v): g.db.rollback() abort(413) + if request.headers.get("cf-ipcountry") == "T1": return "Image uploads are not allowed through TOR.", 403 imageurl = upload_file(request.files["profile"], True) if not imageurl: abort(400) highres = upload_file() @@ -339,8 +340,7 @@ def settings_images_profile(v): v.profileurl = imageurl g.db.add(v) - return render_template("settings_profile.html", - v=v, msg="Profile picture successfully updated.") + return render_template("settings_profile.html", v=v, msg="Profile picture successfully updated.") @app.post("/settings/images/banner") @@ -351,7 +351,7 @@ def settings_images_banner(v): g.db.rollback() abort(413) - v.bannerurl = None + if request.headers.get("cf-ipcountry") == "T1": return "Image uploads are not allowed through TOR.", 403 imageurl = upload_file(request.files["banner"]) if imageurl: v.bannerurl = imageurl
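Review bot: The Tor rejection in `settings_images_profile` returns a bare string, `return "Image uploads are not allowed through TOR.", 403`, while the neighbouring failure paths use `abort(413)` and `abort(400)` and the success path renders `settings_profile.html`. A browser user posting the form would get an unstyled text page, and the identical line is copied into `settings_images_banner`. I would use `abort(403)` to match the surrounding code, or render the settings template with the message if it accepts an error parameter (not visible here). Putting the `return` on its own line would also make the early exit harder to overlook.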
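Review bot: In `settings_images_banner` the line `v.bannerurl = None` is deleted in the same swap that adds the Tor check, which changes behaviour for every user, not only Tor ones. Before this commit a failed `upload_file` left the banner cleared; now the previous banner is kept whenever `imageurl` is falsy. If that is intended it belongs in the commit message; if not, keep the reset after the new check, i.e. the Tor `if` followed by `v.bannerurl = None`. The function continues past the hunk, so what happens after `if imageurl:` is not visible here.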