How to Check your VPN is Secure & Working
In an era where your browsing history is sold legally, net neutrality is dying & just the whole climate of Internet privacy, you might just want to double-check your VPN is working. Let’s ensure your VPN is secure & protecting you from today’s modern threats.
Check your VPN is Secure
Below are a series of tests we will use to check your VPN is working and actually protecting you.
1. WTF is my IP
While it may not be the prettiest website name, it sure gets the job done with no ads or trackers. Click the link and ensure that when you connect to your VPN, your IP address changes on the website. The location may be nearby you, but the IP address needs to change. If it does not check the VPN leaks section below.
2. Whoer
Whoer is our favorite way to truly test a VPN and browser combined. This is an extended test that can seem a little scary, but it’s super easy. Once you visit the webpage you will want to scroll down a little bit and look for the block labeled ‘Interactive Detection.’ Don’t mind what is or isn’t checked and enabled. Click the green run test button right next to the words ‘Interactive Detection.’ Whoer will check if you have Flash, Java, WebRTC, etc. enabled and try to use the application. It reaches out to sources within your browser and returns the IP it detects. Ensure that either no IP address is detected or only the VPN IP address appears. If any IP address other than your VPN appears, your leaking, visit the VPN leaks section below.
3. DNS Leak Test (critical)
By far our favorite website to test for the most common and critical leak of all, the DNS leak. Do an extended DNS leak test, yes the test can take some time or even freeze, be patient. Now, this is where things can get a little spooky. Take a look and ensure that any of the possible dozen DNS servers that may show up are not related to your Internet Service Provider (ISP). You may see an array of DNS hosts, anything from Google to bizarre sounding names, this is good. The only thing we need to ensure is that the DNS is not your personal DNS, such as mumbojumbo.comcast.127.terribleisp.com. If it is, check the VPN leaks section below for solutions.
Now if your VPN passes all three tests you’re good to go. Before you depart, I’d like to be the bearer of one last piece of bad news. These tests don’t prove your VPN is actually encrypting your data. This is simply checking your VPN is masking you. The algorithms your VPN provider is employing is a whole nother topic, but if you’d like to learn more feel free to click around VPNFTW. I’d like to warn you, this is not for beginners, have fun learning!
My VPN is Leaking
Don’t fear, VPN leaks are common and happen often for an array of reasons, at times, it’s even the VPN’s fault. Now there are three main types of VPN leaks that we will cover today, including IP Leaks, WebRTC leaks, and DNS leaks. Now all three of these VPN leaks are relatively critical as they can expose your real IP or even reveal your traffic in certain situations.
IP Leaks
A majority of IP leaks stem from the VPN not being set up properly. If your IP address does not change when you click connect, uninstall and reinstall the VPN client. Make sure you install the latest VPN client from the provider’s official website or the proper OpenVPN package your provider recommends. When you click install, make sure you install any TAP drivers, if prompted, and “Allow” any firewall bypasses, if prompted, by the VPN. If leaks still occur after checking these steps contact your VPN’s support, this is an irregular client issue.
WebRTC Leaks
Leaks coming from WebRTC are oftentimes a browser issue and can expose your real IP in rare situations. Our diagnoses is to install a browser plugin, uBlock Origin. It’s a privacy plugin that blocks modern trackers and ads. Much better than it’s rival, Adblock, who has begun selling ads. Now trust me, I am no fan of installing anything someone recommends me on the web, but uBlock Origin really provides some great functionality. Install uBlock Origin on your browser of choice and follow the instructions below.
Solution: uBlock Origin
Once installed, click the beautiful red button on the top right of your browser. Underneath the big power symbol look for the three lines with dots on the right hand side. Click that tiny icon. It will bring you to a new webpage, look for the Privacy checkbox slightly down the settings tab, put a check mark next to “Prevent WebRTC from leaking local IP addresses.” That’s about all I got, it’s an amazing plugin and will save you with or without your VPN automatically.
DNS Leaks
DNS leaks are very common and actually very detrimental to the very core of a VPN. A great photo from the beautiful website, DNS Leak Test, very accurately describes the very impact of a DNS leak.
Solution: DNS Leaks can be caused for a number of reasons, our top 2 solutions to a DNS leak are:
- Manually change the DNS Server on your computer
- Use a VPN with DNS leak protection (I know not much help)
How to Change Your DNS Manually
Now changing your DNS manually varies for your operating system and version. Now for the sake of time, I will go ahead and link out to individual guides on how to manually change your DNS for Windows 7, Windows 8, Windows 10, Mac OS X, Ubuntu, Chromebook, Android, iOS, DD-WRT and TomatoUSB.
Well, what do you change your DNS too? Be mindful of the option you choose, remember the DNS leak photo above. In my privacy eyes, there are only four DNS providers I would ever trust:
- Cloudflare
- IPv4: 1.1.1.1 and 1.0.0.1
- IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
- OpenDNS
- IPv4: 208.67.222.222 and 208.67.220.220
- IPv6: 2620:119:35::35 and 2620:119:53::53
- Google Public DNS
- IPv4: 8.8.8.8 and 8.8.4.4
- IPv6: 2001:4860:4860::8888 and 2001:4860:4860::8844
- CentryLink (Level 3 Communications)
- IPv4: 205.171.3.66 and 205.171.202.166
- IPv6: 2001:428::1 and 2001:428::2
Now why choose any of these providers, especially the all-seeing eye, Google? DNS is a critical component to the very infrastructure of the Internet and still very vulnerable. You never want to be using an untrusted John Doe’s DNS. Google’s public DNS is absolutely amazing in terms of speed and security, not so much privacy. It’s Google after all. The number one reason we mentioned OpenDNS first, it’s been used and trusted by millions for years. Level 3 is a major corporation that’s been providing free and secure DNS for years.
If you’re already integrated with Google, use Google Public DNS, they already know everything. If you’re a little more conscious, use OpenDNS to plug your DNS leaks.
VPNs With Leak Protection
While this article is not aimed at being an advertisement, I figured I would share some of our favorite VPNs that have leak protection built-in. A feature that is mind-bogglingly still not industry standard.
1. NordVPN
NordVPN is our number one choice as they force you onto Nord’s SmartDNS (it’s actually pretty smart), offer a VPN kill switch, and include an additional key privacy feature. Nord offers an application kill switch, this allows you to kill specific applications of your choice if the VPN connection drops. Say you don’t want your game to turn off if the VPN disconnects, but you do want to ensure that pesky BitTorrent that keeps popping up gets cut-off. Just click the app.
2. Private Internet Access
Private Internet Access comes in close second as they offer the most flexibility when it comes to leak protection. All the settings are built right into their Windows, Mac, and Linux clients. Private Internet Access has an individually enabled VPN Kill Switch, DNS Leak Protection, and an IPv6 Leak Protection button built-in. Enabled with one click.
3. Windscribe
Windscribe also offers a flexible killswitch firewall, and you don’t even have to worry about DNS leaks as everything is directly piped through their DNS servers, completely eliminating your ISP’s DNS.
Conclusion
Often times VPNs can be as easy as one-click-connect, making it hard to know if the VPN is working properly or even securing you.
Any type of VPN leak is critical as it exposes the real intention you’re using the VPN. Not only does it leave you vulnerable, but some services also may not work properly as you have an IP in one area and a DNS coming from a whole other area. Checking your VPN is vital to ensuring that your VPN is secure.
Outdated Video Tutorial
Here is an outdated YouTube tutorial we made on how to check if your VPN is leaking. It may be easier to follow along, but we recommend using the new links provided above for the best results.
Super site
You are a frickin hoot Brandon,
I’m totally new to using a VPN, and came upon your site to see if it’s working;)
Thank you for the laughs, and thank you for all your hard work, and using your brain:) Denise