Does Your VPN Have an IP Leak? Test it Easily

article by Nicky Hoseck
December 29, 2019
VPNs are growing in popularity and estimates indicate that around 25% of internet users utilize them at one time or another. This is hardly surprising given how dangerous cyberspace is becoming, with marketers tracking you, politicians hurling fake news at you, and hackers wanting to exploit you.  
Advertiser Disclosure This article/post contains references to products or services from one or more of our advertisers or partners. We may receive compensation when you click on links to those products or services.

Unfortunately, even the best VPNs have their glitches, and IP leaks, DNS leaks and WebRTC vulnerabilities can all leave you exposed to the same dangers the VPN was supposed to protect you against. There are ways of dealing with these problems, however, one of which is to perform regular IP leak tests.

While VPNs offer a solid cybersecurity solution, it would be a mistake to think of them as “infallible silver bullets”. Knowing exactly what those problems are and what they look like is the first step towards fixing them, so keep reading and turn our knowledge into your power.

What Are IP Leaks and How is an IP Leak Test done?

If you have an IP leak, your original IP address is exposed even when your VPN connection is running. As your IP address is allocated to you by your internet service provider, it contains certain information about your location including, potentially, your city and ZIP code. A VPN gives users a private and anonymous browsing experience by masking that identifying IP address and hiding it behind the one allocated to the secure VPN server you are connected to.

In the past, the most common cause of an IP leak was a dropped VPN connection. In other words, the VPN connection failed, and the user’s traffic was automatically redirected through their normal, unsecured connection but without them necessarily realizing it was happening.

These days, advancing technology has made many VPN users more vulnerable to IP leaks. Until recently, everyone was using IP addresses belonging to IPv4, or Internet Protocol 4. As the number of internet users worldwide continues to expand, however, the end for a new IP emerged and IPv6 was launched. Some ISPs have already moved over to the new system so you could be one of the lucky ones allocated an IPv6 IP address. The only thing is, if you’re a VPN user, chances are you won’t be feeling so lucky.

Many VPNs have yet to embrace IPv6 and will, therefore, ignore requests sent from your IPv6 IP address which means it simply won’t work within your virtual private network. To use IPv6 technology effectively and safely, you need to make sure your entire system is reconfigured to work with it – that includes your ISP, operating system, and your VPN. If you’re in a position where there is a mismatch in configuration, you should probably grab the first IP leak test tool that comes to hand.

Some VPNs are already putting settings in place to protect their users against the IP leak vulnerabilities caused by IPv6. ProtonVPN, for instance, includes this helpful snippet in its online support, “IPv6 traffic gets rerouted to the VPN server and never leaves it, only IPv4 traffic does to ensure that your real IP address is not leaked”.

IP leaks can also occur when torrenting as torrent clients usually use tracker requests which include your original IP address. Although the upload/download traffic itself will be protected by your VPN, the tracker requests often use your original IP address to prevent failed handshakes. On the rare occasion that a torrent client uses a UDP connection which, while faster, is less secure than TCP, you could experience a torrent IP leak which would leave you as vulnerable as any other kind.

How can a VPN Leak Test Determine That You Have an IP Leak?

It’s another chilly Sunday evening and you’ve settled down in front of the fire with a big plate of mince pies ready to watch the latest offerings of your favorite streaming site.

You already connected to your VPN because, without it, you could be exposed to tracking, bandwidth throttling, or be blocked from the content you’re trying to access. Your VPN gives you a fake IP address, one that belongs to the secure server you’ve just connected to, thereby helping you bypass geographical restrictions and gain access to content in other countries.

Unfortunately, on this particular evening, unbeknownst to you, an IP leak occurred and now your access to Disney+ is blocked and, instead of getting the latest episode of The Mandalorian, all you can access is a blank screen with a button you can click on so Disney+ can keep you updated.

If a streaming site is detecting that you’re in a different country to one where the VPN server you’re connected is situated, it means it’s seeing beyond the mask to the real IP address beneath. An IP address is assigned geographically so it reveals enough information to narrow down what city you live in. In this example, that means you won’t get to enjoy the content you were looking forward to but it also means your VPN connection is no longer secure and anyone else peeking in on your activities could track your IP address and log your browsing history.

Although IP leaks aren’t the only vulnerability affecting VPN security, these are some of the most common and performing an IP leak test for VPN is deemed the best IP leak test to use iin detecting the problem, although there are a few other ways you can guard against leaks and reduce the need for performing regular VPN leak tests.

What Am I in Danger of if I have an IP leak?

For the most part, the dangers of an IP leak are the same as going online without any protection. Your IP address is exposed so anyone can track your online activities back to you or even use your IP address to steal your identity or expose your secrets.

If you use a VPN to hide illegal online activity, even if it’s as negligible as downloading pirated content, a leaked IP address could result in a serious scolding from your ISP or, in the worst-case scenario, end your internet access.

One of the biggest dangers of an IP leak is that a cybercriminal could use an IP logging tool to dig even deeper into your personal life. In the past, IP loggers have been used in doxing attacks to gain access to an individual’s personally identifiable information which is then shared publicly and with malicious intent.

Cyberbullies use doxing tactics to leak information about you and use it to harass or blackmail you. Although many doxing attacks have focused on people who have tried to remain anonymous online because they hold controversial views, you don’t have to be famous or antagonistic to be a victim.

How Do I Check if I Have An IP leak?

There are numerous IP address leak tests available free online that are very simple to use, just following these four easy steps:

  1. Turn off your VPN and head over to an IP leak test tool site like this one or, if you want an IP leak test full report, this one.
  2. This will reveal your original IP address. Click on that link and it will open another window detailing all the information your IP address reveals about you. Jot down this IP address so you can refer to it later.
  3. Start your VPN and connect to a server in another country.
  4. Go back to the test page and check your IP address. If, as shown in the images below, your IP address has changed and now indicates you’re in a different country to the one you were earlier, your VPN is working effectively. If you still see the same IP as the first time, your IP address is leaking all over the internet!

How Do I Fix An IP Leak?

One of the easiest ways to guard against an IP leak that causes by an accidental VPN disconnect is to ensure you activate the VPN’s kill switch or network lock. When activated, a kill switch will cut off all internet connections and prevent any apps from connecting the moment the VPN connection fails, thereby preventing IP leaks.

All the best VPNs all offer this handy form of protection and many have it already activated in the default settings. If not, head over to your settings and switch it on! Some VPNs offer two types of kill switches – one will block all internet traffic the moment your VPN connection goes down while the other, usually called an app kill switch, which allows you block specific apps from sending unprotected traffic when the VPN connection is down. You may want to allow your antivirus access to the internet regardless of your VPN status, for instance, but not your web browser or torrent client.

If there is no kill switch included with your VPN, you could adjust your firewall settings to act as a stand-in kill switch. Exactly how this is done varies depending on your operating system, but it basically requires you to create a new rule that blocks your internet connection whenever your device attempts to connect to anything other than your VPN network.

There are some free tools available that operate much like an app kill switch, such as VPN Watcher or VPN Check that can help you keep track of your VPN connection and protect you by preventing specific apps from sending any information if the VPN connection is down.

How can a DNS Leak Test help?

In addition to IP leaks, VPN users are vulnerable to these two other types of leaks:

DNS Leaks

The Domain Name System is the reason we can navigate the vast content of the internet relatively easily, but it also jeopardizes our privacy. DNS is used to map hostnames to IP addresses so, rather than having to remember a complex series of digits, you can simply type in the name of the site. For Bestonlinereviews, for instance, the IP address is the easily forgettable www.bestonlinereviews.com/34.203.88.202 but you can get there just by remembering www.bestonlinereviews.com.

For each online activity you perform, your device sends a query to a DNS server, which responds by sending information on how to find what you’re looking for. If your device and the DNS resolvers aren’t communicating effectively, it can result in a DNS leak. In some instances, for example, your device may send a DNS request outside the encrypted tunnel of your VPN connection, exposing a list of all the sites you’ve visited and apps you’ve used. A simple online DNS leak test can soon alert you to any such vulnerabilities but simply knowing it’s happening isn’t enough to stop it. When you test DNS leaks, VPN leak issues can be resolved easier.

Some VPN providers have their own DNS servers which, if properly configured, should protect you against DNS leaks. ExpressVPN, for example, not only uses its own DNS servers but also runs entirely on zero-knowledge DNS so no information is stored about your online activities or your apps or IP address. It’s probable, then, that ExpressVPN has one the best DNS leak tests around because it’s one of the few confident enough to put its products to the test knowing them will pass it.

If you’re concerned about your online security and fear you may have a leak somewhere in your system, you can perform a DNS leak test online here or, if you’re using a mobile device, you can do a DNS leak test for Android here.

WebRTC Leaks

WebRTC or Web Real-Time Communication is a clever little open-source project that allows browsers to accommodate video and voice chat services and P2P sharing without requiring a host of add-ons or extensions. Unfortunately, WebRTC also has the unpleasant habit of leaking your IP address. Because WebRTC requests are configured differently to your other internet traffic and special communication channels, WebRTC requests sometimes manage to bypass your VPN tunnel. This means any site you visit could request and access your real IP address.

As DNS leaks are more the fault of the web browser you’re using rather than your VPN, fixing them requires a different approach to IP leaks, namely by disabling WebRTC on your browser. This can cause your browser to slow down and may cause some lag, but if your priority is security over speed, this is the way to go. WebRTC can be disabled on all the most popular browsers and is a straight-forward process, although on Chrome, you must download the WebRTC Network Limiter extension to complete the process.

Conclusion

Any kind of leak can compromise your online security, reveal sensitive information about you, your browsing activities, and the sites you’ve visited which is why it’s important to stay up to date with your VPN leak tests.

If you’ve done both an IP and DNS leak test and the results indicate you’ve got a leaky connection somewhere, there are a few things you can try before dumping your current VPN provider and signing up for one of the best VPNs with effective leak protection instead. For instance, you could try changing your default DNS to a faster, more secure alternative like Google Public DNS.

Another approach is to use a VPN monitoring tool as discussed above, but the most reliable solution is to opt for a VPN that offers the latest DNS leak protection, provides consistent connections with few accidental disconnects, and a variety of different security protocols.

ExpressVPN is one of the best VPNs when it comes to security and speed. Not only does it offer some of the best DNS leak protection, but it also includes a kill switch and even uses zero-knowledge DNS to reduce the risk.

Whatever steps you take to boost your online security in 2020, make sure you don’t let an IP leak destroy your anonymity or leave you exposed in cyberspace. Do an IP leak test today and, if you find you’re doing the virtual equivalent of wearing your heart on your sleeve, get ExpressVPN to cover it for you.