VPN Security Tests – How to Test Your VPN for Leaks

Share this:

If you happen across the website of just about any VPN provider, you are sure to be hit over the head with assurances of security and privacy. In fact, most VPN providers claim to operate the most secure services in the industry. And of course, they try to convince you that your data will stay 100% safe as soon as you hop on their service.

Which is how it should be. After all, data security and online privacy are the most essential reasons for using a VPN in the first place. Unfortunately, it is not always the case. For a variety of reasons, your VPN client may be the culprit leaking your information over the internet. Security leaks can lead to far-reaching consequences, as you can well imagine.

And that’s why VPN Jedi is here to show you the various methods you can apply in testing your VPN connections for the most common leaks. These tests will confirm whether your VPN is actually secure, or whether you have potentially been giving away vital information.

DNS Leak Test

DNS is short for Domain Name System. It is basically a directory of domain names (like vpnjedi.com) that match with their IP addresses. Every device that accesses the internet is assigned a unique IP address. Websites are also assigned IP addresses.

But memorizing these IP addresses (especially IPv6) would naturally be a very tedious process. DNS makes it easy for browsers to access internet resources by translating domain names into IP addresses. You can think of it as your phone’s contact list that matches your contacts’ names to their phone numbers.

Internet Service Providers, or ISPs, do the job of translating these domain names to their corresponding IP addresses. Under normal circumstances, that is. When you use a VPN though, your IP address gets hidden in the secure tunnel created by your VPN so that your location cannot be tracked.

But what happens when there is a translation leak in the VPN’s tunnel? You guessed it. Your IP address information is exposed and any number of interested parties may be able to track your actual location with that information. DNS leaks are entirely counter opposed to the purpose of using a VPN in the first place.

To test whether or not your VPN has a DNS leak:

  • Note down your ISP’s IP address.
  • Next, log into your VPN and connect to a server that is based outside your country.
  • Load a DNS leak tool like DNSleaktest.com or ipleak.net.
  • If the IP address details you see are that of your ISP, then there is a DNS leak.

You should note that a DNS leak will not directly reveal your actual IP address. It only reveals that of your ISP. However, interested parties like hackers or your ISP can use the revealed information to zero in on your IP address and consequently, your location.

Not all VPNs can guarantee DNS leak protection. ExpressVPN operates its own speedy encrypted DNS servers to ensure that you don’t fall victim to DNS leaks.

IPv4 and IPv6 Leak Test

An extensive study of about 300 Android VPN clients by Australia’s CSIRO agency discovered that up to 84% leaked users’ IP addresses. That is a very damning statistic. It means that while VPNs all try to persuade you that they protect your IP address, a very significant number of them do a terrible job of it.

To confirm your VPN does not have IP address leaks, it is essential that you test at both active connection and reconnection stages. That’s because your VPN is more likely to leak your IP address after an interrupted connection.

As an aside, it is important that you use a VPN with a kill switch feature like NordVPN. A kill switch monitors your internet connection and ensures that all internet traffic is immediately blocked when there is a connection downtime.

To test for IP address leaks:

  • Note down your actual IP address. You can check your IP address on WhatIsMyIP.com
  • While staying connected to your VPN, disconnect your internet connection.
  • After the internet connection is down, reconnect to the internet and start the IP address leak test with a tool like IPLeak.net. The test should be carried out quickly.
  • When the VPN reconnects, check the result of the test. If you can see your IP address, then there is an IP address leak.

No VPN should experience IPv4 leaks. If your VPN does, then it is essential to your internet security and privacy that you switch providers. Also, if your VPN does not have support for IPv6, then chances are that it will leak it. VPNs that support IPv6 automatically provide IPv4 protection.

WebRTC Leak Test

It should come as no surprise to you if you have never heard of WebRTC – most people haven’t. WebRTC is an open-source framework that provides web browsers and mobile apps with real-time communication (audio, video, P2P file sharing). It is used to provide faster speed solutions for such tasks as live streaming, peer to peer file sharing and transfers, and video chats.

WebRTC is largely used in browsers like Chrome, Safari, Firefox, Opera, and Internet Explorer. It eliminates the need to install extra plug-ins and native apps. But WebRTC APIs can also leak your IP address. In 2015, it was discovered by TorrentFreak that browsers with WebRTC support are liable to expose users’ IP addresses while on a VPN.

To test for WebRTC leak, simply load the Perfect Privacy WebRTC Test website. It’s pretty simple and straight-forward.

To prevent WebRTC leaks in the future, you may want to turn off WebRTC on your browser. This can be done using a variety of 3rd party extensions.

Malware Test

Malware presents a very big risk for your device and data security. It is especially a huge problem in the Android ecosystem. According to the Australian CSIRO agency earlier referenced, about 38% of Android VPN clients contain malware.

Malware posing as free VPN apps gather user data which is then sold to third parties for a profit. To test a VPN for malware, upload the app to a tool like VirusTotal.

How to Fix VPN Security Leaks

If you have carried out the tests above and discovered that your VPN has leaks, then there is a need to act decisively to correct them.

First of all, you’ll probably want to switch to a VPN provider that will protect you from the dangers of potential leaks. These top of the line VPN options come with the best in-built features that specifically guard against leaks.

NordVPNGet NordVPN
ExpressVPNGet ExpressVPN
Private Internet AccessGet Private Internet Access
SurfsharkGet Surfshark
CyberGhostGet CyberGhost

If you like your current VPN provider too much to switch, an alternative would be to purchase a Guavi VPNCheck Pro subscription. This product comes with a DNS leak protection feature, as well as several others to help supplement your VPN.

You can also use browsers built for protection, such as the Tor browser. To spoof your location on your regular browser, you can use the Location Guard extension for Chrome, Firefox, and Opera.