VPN > Tor is good enough for me, but regardless what you do you should also disable WebGL and WebRTC from the default about:config settings in the Tor browser. Both of those protocols are vulnerable to leaking your real IP address no matter what VPN, Tor node or proxy you hide behind:

https://browserleaks.com/webgl
https://browserleaks.com/webrtc

Another function to disable (GeoAPI):
https://browserleaks.com/geo

Since Tor browser is a firefox-forked browser, you can modify it just like any firefox or other firefox-forked browser:

https://restoreprivacy.com/firefox-privacy/

media.peerconnection is WebRTC, so disable anything associated to it. webgl has a lot of built-in functions too, do the same with webgl, make sure to disable it and test your security using the site browserleaks. geo.enabled and geo.provider are associated with the GeoAPI, those need to be disabled and any referenced url with geo.provider scrubbed blank.

Doing all this will greatly enhance your privacy.