VPN usage has grown substantially in the past years. In fact, 25% of Internet users use a VPN at least once a month, and this is seen to grow more in the coming years. This is a pretty overwhelming number since half the world’s population are Internet users!
Most of these VPN users find that VPNs are great solutions for privacy and security, but there have been issues associated with it. These issues include logging, and WebRTC and DNS leaks which lead to the exposure of your real IP address and your real identity. While most of these issues can be traced back to unreliable VPN providers, it should be every user’s goal to test their VPNs regularly. You don’t even have to be super tech-savvy to be able to use a VPN, and not much more to test it.
Here are tests you can do to make sure that your VPN is safe, and some tips on how to avoid leaks. Keep in mind that we have already done these tests for the top providers we have tested, such as these two right here:
[affilioProvider max=”2″ top=”n” cat=’home’]
VPN test: IP address leak test
VPNs are popular mainly because they hide your real IP address and mask it with their own. This process ensures that your identity and activities remain private – you are virtually anonymous. However, a study by CSIRO in 2017 revealed that 84% of VPN providers leak user data. While the study involved 283 free Android VPN apps (which are universally terrible and not what we recommend on our site), which skews the data quite a bit in a bad way, it’s still important to check for leaks even when you are on a paid subscription plan.
Oftentimes, IP leaks are not intended by the VPN provider. Leakage can happen when the VPN connection drops for a moment while you are connected to the network and visiting some sites. During the few seconds that the VPN connection drops, your real IP address is exposed to the website or application you’re visiting.
This is why it is important to choose a VPN provider that has a high uptime. We’ve tested several providers with impressive uptime rate, and even one with zero drops in connection for weeks. Zero drops is rare even for top-tier VPN providers because of external factors – ISP latency, misconfigured firewall, and weak signal strengths, among many others.
Yeah, your VPN connection might just drop and your computer keeps sending traffic.
A simple software firewall mostly prevents this as well. Many VPN providers actually offer some sort of "kill switch" feature.
— jomo ? (@0xjomo) March 23, 2018
The best VPN providers – those who are truly out there to hide your IP address and identity – have come up with a Kill Switch feature that will prevent accidental IP leakage. Users have the option to turn this feature on or off, but the ideal is to turn the Kill Switch feature on all the time. When the VPN connection drops, the Kill Switch feature automatically shuts down the network connection too so you won’t be exposed.
VPN test: DNS leak test
A DNS, or Domain Name System, is a naming system that translates a website name (which is easy for people to remember) into a set of numbers called an IP address which is more readable for your computer. Here’s a quick video that will tell you what a DNS is and how it has helped with the dynamics of people using the Internet.
A DNS leak happens when the DNS requests still goes to the default DNS server instead of the VPN’s own DNS server. The default DNS servers are usually the ones maintained by your ISP. This may not be your VPN provider’s fault though. Your operating system (especially Windows) can actually ignore the fact that you are using a VPN and routes DNS requests to the default server. The effect of a DNS leak is two-fold:
- It gives your ISP a snapshot of what you’re doing online. Although your ISP won’t know everything you did such as what items you bought online or what web pages you spent a lot of time on, the information they can get is enough to create an online profile of you which they can sell to data brokers or use for their ad targeting.
- It leaks your ISP’s IP address and location to the websites you’re visiting. Although it’s not your IP address that’s directly leaked, this information is still enough to trace your IP address.
So how do you do a VPN DNS leak test? First, connect to a VPN server located outside your country. Go to https://www.dnsleaktest.com/ or http://dnsleak.com/. If you see your ISP’s IP address and location, then there is definitely a DNS leak.
— Freedom Hacker (@FreedomHackerr) September 6, 2016
The method described above is quite risky since you are connected to the Internet, and the presence of a DNS leak makes you vulnerable. Thankfully, there is another way to do a DNS leak test without needing to connect to the Internet. Follow the steps below:
- Open the command prompt and type: ping [server name] -n 1.
- Choose any of these server names:
- Wait for the results to finish loading.
- If you see your real IP address in any of the addresses that are shown in the results, then there is a DNS leak.
Like the IP leak issue discussed in the previous section, VPN providers have also developed ways to prevent DNS leaks. Here are ways to prevent DNS leaks while using a VPN:
- Choose a VPN provider that has DNS leak protection which is a feature that ensures all your DNS requests are within the encrypted tunnel. We’ve tested several VPN providers with this feature, and compared test results with those that don’t, and the difference is significant. There is almost always a possibility of a DNS leak.
- Choose a VPN that has its own DNS server. Some providers we reviewed even have this “zero knowledge DNS” where nothing about you is stored on their servers.
- If you are using a VPN with the latest OpenVPN protocol, you can add this line to the .conf or .ovpn file: block-outside-dns.
- Make sure that your VPN provider is IPv6-capable.
- Disable Teredo if you’re using Windows.
- Change your device or router’s DNS settings.
As you can see, these methods to protect yourself from DNS leak all boil down to one thing: choosing the right VPN provider. The best VPN providers have anti-DNS leak measures that will ensure they’ll pass when you do a DNS leak test.
VPN test: WebRTC leak test
WebRTC is a useful innovation that allows real-time voice, video chat, and P2P file sharing within the browser without the need for browser extensions. However, it poses a privacy and security threat to VPN users since it reveals the user’s real IP address. Even the best VPN providers are vulnerable, especially since WebRTC is enabled by default in most browsers.
To avoid a WebRTC leak, you need to disable WebRTC in your browser. It’s easy to do with some browsers such as Chrome for Android, Firefox, and Microsoft Edge, while for some browsers, you need to install addons. The section below will guide you in disabling WebRTC in different browsers:
How to disable WebRTC in Chrome for Android
- Type chrome://flags/#disable-webrtc in the browser’s address bar and tap Enter.
- Under the WebRTC STUN header, tap Enable.
- Restart your phone.
How to disable WebRTC in Chrome and Opera
Unlike its Android version, Chrome for desktop doesn’t have a built-in way to disable WebRTC. The same is true for Opera. However, there are extensions that you can add to help prevent WebRTC leaks, and here are some examples:
These extensions can block websites from collecting your IP address, but they do not fix the IP leak. Your IP address can still be stored in some websites.
There are extensions in Mozilla Firefox that can help prevent WebRTC leak, but you can do it directly in the browser which is better. Here’s how you do it:
- Type about:config in the address bar and press Enter.
- Click on the “I accept the risk!” option.
- In the Search box under the address bar, type in media.peerconnection.enabled.
- Double-click on the search result and change the Value column to false.
For Safari on macOS, follow these steps to disable WebRTC:
- Go to Safari > Preferences.
- Go to the Advanced tab.
- Mark the “Show Develop menu in menu bar” checkbox. The Develop menu will now be accessible.
- Click on Develop > Experiment Features and mark the “Remove Legacy WebRTC API” option.
For Safari for iOS, follow these instructions:
- Go to Settings > Safari.
- Scroll down and tap on Advanced.
- Tap on Experimental Features.
- Toggle off the “Remove Legacy WebRTC API” option.
Follow these steps to disable WebRTC in Microsoft Edge:
- Enter about:flags in the address bar.
- Check the box that says “Hide my local IP address over WebRTC connections.”
- Restart the browser.
Internet Explorer does not support WebRTC, so you shouldn’t have any WebRTC leak problem with it. We included WebRTC leak tests when we ranked the top VPN providers.
How to do a VPN speed test
Aside from the IP, DNS, and WebRTC leak tests discussed above, you also want to regularly test the speed of your VPN. We also test the speed of the VPNs we review because we understand that latency is one of the most common issues encountered by VPN users. This is especially true when you use a VPN for streaming or gaming.
VPN speed is actually affected by several factors such as the following:
- Location of the VPN server: The farther you are from the VPN server you’re connected to, the more it takes for all data to travel. If possible, choose the nearest VPN server.
- The speed from your ISP: If your Internet connection is slow to begin with, your VPN connection will naturally suffer too. Take note also that most ISPs throttle the speed of your connection when you visit certain entertainment and gaming sites. Using a VPN can actually speed up your connection in this case.
- Level of encryption: There is a trade-off between speed and security because the encryption process takes time. The heavier the encryption, the more time it takes to complete.
— Pirate Parties International (PPI) (@ppinternational) May 23, 2016
- Number of users on the VPN server: If there are a lot of cars on a lane, traffic will be heavier. This is also true with VPNs. The more users there are on a VPN server, the slower the connection will be. With a good VPN provider, you can always switch to a server with fewer people. A few will even do this for your automatically.
With these factors in mind, you can do a VPN speed test by going to https://www.speedtest.net/, http://speedof.me/, or https://fast.com/. When we compared the speed of our connection without a VPN and with the VPNs we reviewed, the difference is only within 85% to 95%.
What if these VPN tests prove there’s a leak?
Finding out that there’s a leak in your system can be quite unnerving since you are using a VPN for anonymity, privacy, and security. You don’t want anyone to get hold of your personal data! If you’re still experiencing IP, DNS or WebRTC leaks even after putting up measures to avoid it, contact your VPN provider’s support team. There might be an issue on their end that is causing the leakage while using a VPN.
If worse comes to worst, save yourself from the hassle and change your VPN provider to one of these high-quality providers we have tested.
[affilioProvider max=”5″ top=”n” cat=’home’]