While VPNs are an effective method for enhancing privacy while browsing and bypassing geo-restrictions, it is a common misconception that your IP address and online activities will always remain hidden. Regardless of whether you opt for a premium VPN service or a free one, there is still a risk of experiencing IP leaks through your browser or operating system. Therefore, despite thinking that your IP address is concealed, it could be compromised by leaks, ultimately rendering you easily detectable online.
After reviewing most services, we recon ExpressVPN is the best VPN for privacy, streaming and torrenting. For a limited time, get a huge discount and 30-day money-back guarantee.
Each device that can be found on a network will have an IP address which is essentially its identifier on that network. This could be your laptop, a printer, your mobile phone or anything else that can connect to a network such as the internet.
DNS (domain name service) is what the internet uses to allow servers to host more than one website and it works by translating the web address such as www.reddit.com into the given IP address for each website or page that you want to visit.
So when you type in a web address, your browser will send a request to the DNS server which will, in turn, translate that address into the IP address needed to reach that web address. This is called DNS resolution.
Now, when you use a VPN, any DNS resolution request is meant to be done using the custom DNS servers that the VPN requests but this does not always happen. In some cases, the DNS request can still be performed by your computer – a DNS leak that will leave your IP address compromised and no longer anonymous.
DNSCrypt is one way you can keep your activities private as it will encrypt any traffic going from your system to the chosen DNS server but this will still not be able to keep your Ip address anonymous.
There is something you can do to determine if your VPN is leaking your IP address and that is through performing a VPN leak test on the VPN that you use. This VPN check will show you what IP address is being seen when using your VPN.
To perform a DNS leak check, you can make use of one of many IP leak test tools that are available. Many websites and services will have this simple type of tool and they will be able to determine your IP address through a VPN check.
Before you test your VPN however, it is important to run a test when you are not connected to the VPN first and foremost. Here you will be able to determine your actual public IP address and the DNS server. Take note of these before then connecting to your VPN.
Now that you are connected to the VPN, run the DNS leak test again to see what comes up. If the VPN leak test reveals the same IP address and DNS server as before, it means you are suffering a leak.
There are three reasons why your DNS leak check has revealed that you are suffering a leak and these are:
IP leaks through the browser are the most common reason for seeing your public IP address when running a DNS leak test. There is always a chance for a leak to occur due to a browser vulnerability by browsers that use the WebRTC API. WebRTC allows certain web applications to run without the need to install any additional extension or plugins.
Because browsers such as Chrome and Firefox which use WebRTC make use of a STUN server when they want to establish external network addresses, this makes it very easy for a website to discover your actual IP address. This is done via a simple piece of code written in Javascript.
Stopping this from happening can be done, however, as you can either adjust your firewall settings to block any requests made that are not from within your VPN connection or you can just disable WebRTC in your browser.
Another cause for your IP address showing up after a VPN check is that of the VPN itself. This is why you should always use the very best VPNs out there as some might not use their dedicated DNS servers.
Even if they do provide secure DNS resolution, the VPN can still be a reason for a failed VPN leak test. This can be caused when the VPN is outdated and does not support the IPv6 protocol. This new protocol was created to provide longer addresses due to the old IPv4 protocol starting to run out of addresses to use due to the growth of the internet.
When the VPN tries to connect to an IPv6 enabled website, it will fail the request and will instead turn to send an unencrypted request from outside of your VPN to connect. This will result in your actual IP address is visible and will, therefore, result in the DNS leak check failing.
To address this, you should make sure your VPN not only uses its own dedicated DNS server but also supports IPv6. If it does not do the latter, the only other option you have is to disable IPv6 in your operating system. This can be achieved via various guides online.
The final reason why your DNS leak check is turning up failed results could be down to Windows 10. This could be Windows 10 not using DNS server prioritizing with it instead of sending out requests to all DNS servers and going with the first one to respond. This means it could be using your ISPs DNS server instead of your VPNs DNS server on occasions.
Disabling smart-multi homed name resolution in the group policy editor will return Windows 10 to how previous versions of Windows resolved DNS requests. This is to have a priority list of DNS servers to use.
You should always perform a DNS leak test as often as possible to determine whether you are suffering any leaks. Even if your VPN has shown to pass a VPN leak test on several occasions, you should still be performing a VPN check as often as you can just to be on the safe side.