One of the uses of a virtual private network or VPN is to mask the user’s true IP address when online. For example, if you want to watch Netflix US but you’re located somewhere else in the world, you can use a VPN to access the content that’s blocked out of your area. Routing your connection through a VPN service will disguise your true IP address and will show one that’s qualified to access that restricted content. In this case, your IP address will show that your location is in the US so that you’ll be able to watch shows from Netflix US.
Some users, on the other hand, want to protect their privacy by hiding their true IP address from marketers and advertisers. They don’t want companies tracking their online activities and purchases, since otherwise they will be bombarded with ads.
Another use of the VPN is to bypass restrictions. For example, some websites blacklist certain IP addresses which they think have violated their rules. You can bypass the blacklisting by using a VPN because that website won’t be able to see your real IP address.
However, there have been recent reports about a security leak in some VPN connections that allow websites to track down the user’s real IP address even if the user is using a VPN. This is not supposed to happen.
Your VPN is supposed to protect you by masking your IP address, but there’s always a chance that your VPN might be leaking information without you knowing it.
A leaking VPN is caused by the Web Real Time Communication (WebRTC), which is a special feature of most internet browsers, such as Google Chrome, Firefox, Safari, etc. The WebRTC is not an actual security flaw because it is a built-in special interface of your browser.
This interface allows computers on different networks to communicate via specific browser-to-browser applications, including video chats, file transfers, voice calling, and more.
But what VPN users don’t know is that the WebRTC, in the hands of someone technically savvy, can be used to reveal your true IP address even if you’re using a VPN. An IT person can easily write a few lines of code to imitate a WebRTC-type connection with your browser, and the IT guy can find out your actual IP address. By knowing your real IP address, the websites can now block your connection.
Using a VPN is like pasting a fake ID over the real one, but WebRTC allows websites to see through your disguise. So, if you’re using a VPN to access sites like Hulu, Spotify, or Netflix, you might find out that you can no longer stream movies or access content as easily as you did before.
What do you do? First you need to check if your VPN is leaking, then find a way to fix the VPN leak.
Is Your VPN Leaking?
The first thing you need to do to check if your VPN is leaking is to look at your IP address. The IP address is a bunch of numbers assigned to your router by your ISP provider. Anything that’s connected to your router has an IP address, but what we’re looking for is your public IP address.
Your IP address is what your computer uses to communicate with servers on the internet. These IP addresses are bound not only to the ISPs that provide them, but also to specific locations. This means that your IP address can tell exactly where you are located. So as long as you know someone’s IP address, you can narrow down where they live.
Here’s how to check if you have a VPN leak:
- Check your IP address by typing “what’s my IP address” on Google. You can also use websites such as IPLocation, Tenta Browser Privacy Test, WhatIsMyAddress.com, or WhatIsMyIP.com to know what your IP address is. These websites will also give you your Geo-IP or the location linked to your IP address.
- Log into your VPN and choose a server. Verify that you’re connected to your VPN server and wait for a few minutes.
- Check your IP address again using the methods mentioned in Step 1. You should see a different IP address that has been provided by your VPN provider.
- Go to the WebRTC test page and check out the IP address that’s being shown on the page.
- If the WebRTC test page is showing the IP address provided by your VPN, then you have nothing to worry about. But if it’s showing your real IP address, then you have a VPN leak.
How to Fix a Leaking VPN
If you’re using a modern desktop browser, then you probably have the WebRTC enabled because browsers use this to be able to work better. A VPNs that installs an extension on your browser usually turns this off, or you can directly disable this by yourself.
Here’s how to disable or turn off WebRTC:
- You need to install an extension like WebRTC Network Limiter, ScriptSafe, WebRTC Leak Prevent, or WebRTC Control from the Chrome Web Store. You can use these extensions to toggle WebRTC on or off from the toolbar.
- Safari. This browser doesn’t share information via WebRTC, so you shouldn’t worry about it.
- Edge. There’s no way to turn this feature off on Edge, but you can hide your local IP address entirely. Just type about:flags on your browser, then tick off Hide my local IP address over WebRTC connections.
- Firefox. Type in about:config and click the I accept the risk! Type in media.peerconnection.enabled using the search box, then change the Value column to False by clicking on the search result. Another option is to install the Disable WebRTC add-on from Mozilla Add-ons.
- Opera. Disable WebRTC by navigating to View > Show Extensions > WebRTC Leak Prevent > Options.
Take note that disabling WebRTC may affect some web apps and services, such as web chats, voice calling or video calling. When this happens, you can simply enable the WebRTC temporarily to fix the issue.
The DNS or Domain Name System works like a phonebook. Users access the Internet by typing the domain names of websites, such as softwaretested.com, espy.com or nytimes.com. And while browsers interact using IP addresses, DNS translates these domain names to their corresponding IP addresses so that the browsers can load the Internet resources. The DNS is important because it is a tool that helps humans to communicate with their computers.
ISPs usually have DNS servers on their networks that help with the translation. By using a VPN, your Internet connection should be redirected to an anonymous DNS server. But if your browser just redirects it to your ISP anyway, then you have a DNS leak.
To check whether you have a DNS leak, you can use online tools such as HidesterDNSLeakTest, DNSLeak.com, or DNSLeakTest.com. These websites will show the IP address and the owner of the DNS server you’re using. If you’re using a VPN and you see that the DNS server reflected on these sites is your ISP’s server, then it means that you have a DNS leak.
According to recent reports, some Google Chrome extensions of VPN service providers have DNS leaks of their own. In fact, 22% of VPNs have some sort of a leak, whether it’s IP address-, DNS- or extension-related.
One of the ways to fix a DNS leak is by subscribing to a VPN that prevents DNS leaks. Most free VPNs don’t offer this feature, so you need to subscribe to a paid VPN service to be actually leak-free.
Another option is to change the DNS servers that your router use whenever you send requests to the Internet. It is a complicated process because you have to change the settings of your router to be able to do this. You can check out Google Public DNS, Comodo Secure DNS, or Cisco’s OpenDNS for instructions on how to set this up with your router.
It is alarming when the service that’s meant to protect you has some security leaks. Free VPNs are riddled with leaks and security issues, so you cannot rely on them entirely for your online protection. For total peace of mind, it is important to invest in a good VPN service that offers the best protection, such as Outbyte VPN, even if you have to pay a small fee.