Reading Time: 4 minutes

The ultimate purpose of a VPN is to maximize online security and safeguard user privacy. However, not all VPNs are equally good in performance and in their ability to keep yourself secure. But how can one be sure if a VPN is secure enough to be worth buying?

Well, there are a few critical tests you can run to determine the strength of your VPN. In this blog, I will explain how you can conduct these tests to check just how secure your VPN really is.

DNS Leak Test

DNS (Domain Name System) takes care of converting a website’s URL into an IP address. This process of translation is necessary because web browsers communicate with the Internet through IP addresses, rather the domain names, which are only used for the convenience of us human beings.

DNS-leak

DNS translation is typically performed by the ISP (Internet Service Provider). However, the translation process leaves text logs of the websites you are visiting, allowing the ISP to see which websites you have been visiting.

So, DNS translation exposes you to the ISP and other third-parties that may be interested in invading your privacy for some reason.

If you use a VPN, then DNS translation requests are handled by the VPN itself, increasing your privacy considerably. However, if the VPN you are using isn’t strong enough, the DNS request can leak, revealing your browsing activities.

To test if your VPN is leaking DNS, you can use the web-based tool dnsleaktest.com. The standard test is sufficient to check if you have a DNS leak. If test correctly guesses your ISP, their IP address, and location, then your VPN is leaking your DNS and it’s time for you to invest in a secure VPN like Surfshark.

If the test shows a different location and ISP than the one you are connected to, then be glad, because your VPN is successfully tunneling your DNS requests without leaks.

IP Leak Test

A DNS leak does not reveal your IP address, but only that of your ISP. But that information is enough to reveal your true location and your browsing history.

IP-address

An IP leak, on the other hand, directly exposes your true IP address. Hiding the real IP of users is the main function of VPN services. If your VPN is failing to do that, then there really is no point using it at all!

You can test if the VPN is leaking your IP address through ipleak.net, an online tool. If it correctly displays your IP address and your location, then you surely have an IP leak and it’s time to get rid of your VPN for a stronger one, such as ExpressVPN.

Some VPNs may be effective in preventing IP leaks once you are connected to them, but not when the connection drops and the VPN is reconnecting. This is usually the case with VPNs lacking a kill switch feature.

It is harder to ascertain if your VPN leaks IP during the reconnecting phase, because you would manually have to conduct a series of tests in a quick succession while the VPN is reconnecting to find out.

Here is how you can test for an IP leak during Internet reconnection:

  1. Open the online IP leak test tool on a number of different tabs
  2. Keep the VPN running but disconnect your Internet.
  3. When the connection has dropped, reconnect to the Internet and quickly refresh all browsers tabs.
  4. As soon as the VPN has made connection with the Internet, stop refreshing
  5. If your real IP address is detected by the IP leak test tool in any of the tabs, then you have a leak during reconnection

WebRTC Leak Test

WebRTC is short for Web Real-Time Communication. WebRTC supports P2P sharing, video, and voice chatting via your browser without using browser extensions. Unfortunately, all browsers haven inherent vulnerability with WebRTC that exposes your IP address.

VPNs can prevent WebRTC leaks to an extent. The root cause of the problem are browsers themselves, rather than VPNs. So, if you want to get rid of WebRTC leaks completely, you shouldn’t rely on VPNs alone: it pays to change settings in your browsers as well.

So, what if you have a leak?

As I suggested earlier, you shouldn’t compromise on your security and continue using a VPN if you have learned that it is leaking your DNS or IP address. You may try contacting customer support of your VPN provider and complain the problem of leaks, but I doubt that will solve your problem.

The only thing you can do is to get rid of your insecure VPN and choose a reliable provider that values your privacy and security above all else.

The most trusted VPN providers that suffer from no such leaks are:

VPN ProvidersPrice ($)Special DealsMore Info
Best Affordable VPN
PureVPN
PureVPN
$10.95
$1.65 Per Month
Fastest VPN Service
Surfshark
Surfshark
$11.95
$1.99 Per Month
Best for Torrenting
Ivacy VPN
Ivacy VPN
$9.95
$1.99 Per Month
80% OFF
2 Years Deal
Best for Streaming
ExpressVPN
ExpressVPN
$12.95
$8.32 Per Month
Best for Private Browsing
CyberGhost
CyberGhost
$12.99
$2.75 Per Month
79% Off
3 Years Deal
NordVPN
NordVPN
Read Review
$11.95
$3.49 Per Month

NordVPN hacked We don't recommend this VPN service after thorough research.

 

Checking VPN for Malware

It is extremely sad that many VPNs on mobile devices, especially on Android, claiming to be free services fraudulently infect the devices of users who install these apps with malware. The intent behind this is usually to collect user data and make a profit by selling it to third parties (ad agencies, IT firms etc.)

malware

You should never opt for a free VPN, as a lot of these are unsafe and make a fool out of users. The best way to stay safe from getting infected with a malware by a VPN is to avoid downloading and using free VPNs.

However, if you are still up for the risk, then you should at the very least upload the app to VirusTotal. This website scans uploaded files using more than 50 Antivirus tests and then gives you the result. If no virus is reported by the result, then you just might get lucky with the free VPN you want to use.

Fixing WebRTC Vulnerabilities for Different Browsers

The WebRTC vulnerability is not inherently a fault with VPN services. Rather, it is a browser related problem and it affects all popular browsers including Firefox, Opera, Chrome, and Brave.

The only true way to fix it is by disabling it the browser you are using.

Follow the instructions below to disable WebRTC for each browser:

Firefox

Firefox is the only browser where disabling WebRTC is a fairly simple thing to do:

  1. Open Firefox and type “about.config” in the address bar. Then press enter
  2. A warning screen will open. Click “I accept the risk!”
  3. Now, in the search box, type “media.peerconnection.enabled”.
  4. Double click the preference name to change the Boolean value to false

That’s all it takes to disable WebRTC in Firefox.

Chrome

Unfortunately, you cannot disable WebRTC in desktop version of Chrome, as Google provides no such setting to play around with WebRTC.

The only way to disable it in Chrome is through the use of third-party add-ons like WebRTC leak prevent. However, you should keep in mind that add-ons are not always effective in keeping you secure from exploitation of WebRTC vulnerabilities.

So, for Chrome users, the most effective solution is to simply stop using this browser altogether.

Though, you CAN disable WebRTC on Chrome for Android.

Here’s how:

  1. Open Chrome on your Android and visit the URL chrome://flags/#disable-webrtc
  2. Scroll down to see WebRTC Stun origin header and disable it

This action effectively disables WebRTC on Chrome.

Opera

Opera does not have any setting that allows users to turn WebRTC off, just like Chrome. The only hope is to use the WebRTC Leak Prevent extension.

  1. Install WebRTC Leak Prevent in your Opera
  2. Open Advanced options and > IP handling policy: Disable non-proxied UDP (force proxy)

Keep in mind that disabling WebRTC through add-ons is not a perfectly effective solution. So, if you’re paranoid about your privacy, you can avoid using Opera altogether.

Brave

Brave is emerging as a reliable browser with strong security and privacy options built into it. It allows users to disable WebRTC through settings:

  1. Navigate to Preferences > Security > WebRTC IP Handling Policy
  2. Now choose Disable non-proxied UDP.

Key Takeaways

  • VPNs are supposed to enhance your security, not ruin it with these leaks
  • Unknown and free VPN providers often have DNS, IP, and WebRTC leaks

Considering the facts noted above, there is little room for doubt that the true test of a secure VPN is one that doesn’t suffer from leaks of information having the potential to compromise a user’s security and privacy. If you choose a well-reputed premium VPN, it is highly unlikely that they will allow any such leaks from happening.

So, perform your tests, do your research, and choose your VPNs wisely, guys!

 

Related Blogs: