What Is a VPN Leak?
A VPN leak occurs when data that your VPN is supposed to protect — your IP address, DNS requests, and location, for example — is transmitted outside of the encrypted VPN tunnel.
VPN leaks allow your ISP, government, and any other third party monitoring your connection to determine your identity and activity.
Most users will download a VPN to protect their online privacy and hide their true IP address. For this reason, a leaking VPN is fundamentally useless.
Here is a summary of the four main types of VPN leak:
- IP Address leaks: IP leaks occur when your VPN fails to mask your personal IP address with one of its own. This is a significant privacy risk as your ISP and any websites you visit will be able to link your activity to your identity. For more information on IP leaks, skip to the section below.
- DNS leaks: A VPN is supposed to route your DNS requests to its own DNS servers. If your VPN routes these requests to your ISP’s DNS servers instead, it’s called a DNS leak. This exposes your browsing activity and any websites you visit to any other eavesdroppers. You can find out more about DNS leaks here.
- WebRTC leaks: WebRTC is a browser-based technology that allows audio and video communications to work inside web pages. WebRTC has clever ways of discovering your true IP address even if a VPN is on. The best VPNs block WebRTC requests. Alternatively, you can disable WebRTC completely at the browser level.
- IPv6 leaks: IPv6 is a new form of IP address that is not currently supported by most VPNs. Unless a VPN supports or actively blocks IPv6, your personal IPv6 address can be exposed if you’re on an IPv6-enabled network. You can read more about IPv6 leaks here.
Why Is My VPN Leaking?
You undoubtedly want to keep your identity and activity private, so VPN providers market themselves accordingly. The truth is, however, that most VPN protocols were not actually designed with privacy in mind.
By default, most VPN protocols share reveal queries to default DNS servers. They leak IPv4 traffic when forced to reconnect, and they are usually completely oblivious to IPv6 traffic. Only the VPNs specifically developed to offset these problems will offer you protection.
Without proper protections your VPN can leak if:
- There is an interruption in network connectivity.
- You’re using WiFi and switch to a different network.
- You connect to a network that is fully IPv6 capable.
- Your DNS requests are sent outside of the encrypted VPN tunnel.
- You are using a VPN service or browser that does not provide adequate WebRTC protections.
We’ll now cover the different types of leak in detail. To find out which VPNs leak you can skip straight to our VPN Leaks Comparison Table. Alternatively, you can find out how to properly protect yourself from VPN leaks in the last chapter of this guide.