When you purchase a VPN service, it is always a good idea to ensure it is working correctly.
A good quality VPN should provide software that works seamlessly to give you strong digital privacy and security. However, there is always the chance that VPN software is encountering a problem. If that is the case, the VPN could be giving you a false sense of security every time it connects.
Even if you have subscribed to one of the best VPNs on the market, we would advise against simply assuming it is working. To be safe, you should check that the VPN is actually doing the things it is meant to do.
Luckily, checking to see whether your VPN is working is not particularly hard. If you find a problem, this guide will help you to patch it up so that the VPN is giving you the digital privacy you need.
Test VPN for DNS leaks
When you browse the internet, you must make Domain Name Server requests in order to access the websites you want to visit. Usually, your ISP handles those requests. When you use a reliable VPN, DNS requests are handled by servers belonging to the VPN (or at least are proxied securely to third-party servers). This stops your ISP from knowing what websites you visit.
If your VPN leaks DNS requests to your ISP, that VPN is failing to protect your privacy because (despite encrypting your traffic) your ISP is still able to track the websites you visit.
Checking to see whether you are experiencing DNS leaks is pretty easy because there are online services that tell you what servers are handling those requests. For detailed information on DNS leak protection please visit our guide. To test for DNS leaks follow these simple steps:
Navigate to ipleak.net without your VPN connected and make a note of the servers that your device connects to. DNS requests will be handled by your ISP, and the IP addresses for your connection will register as belonging to your ISP.
Connect to a VPN server.
Open an incognito window in your browser (this prevents caching problems).
Navigate to ipleak.net again. The results will now show you which servers are being used while you are connected to the VPN. If you see an IP address or DNS address that belongs to your ISP: Your VPN is leaking. A VPN that is working correctly will spoof all your addresses. That means none of the addresses you see will belong to your ISP.
If you are experiencing DNS leaks, you will need to patch them up - because the VPN is not providing privacy. For full details on how to patch DNS leaks please check out our full guide.
Test VPN for IP address leaks
When you use a VPN, its job is to conceal your real IP address (location) and provide you with a remote IP address in a location of your choice. An IP leak happens when your real IP address is still being forwarded to the websites that you visit; even when you are connected to the VPN software. A straight IPv4 leak is the worst kind of leak that you can experience because it means that the VPN is completely failing to spoof your location.
If you are experiencing an IPv4 leak, your VPN software is not concealing your location from the websites that you visit. That means those websites know exactly where you are. It also makes it easy for interested parties (copyright holders, for example) to track down who you are.
For more information on IP leaks please visit our ultimate IP leak guide. To test your system for IP leaks please follow these simple steps:
Navigate to ipleak.net without a VPN on and check your IP address. You will need to make a note of your IPv4 address and your IPv6 address (if you have one). Most ISPs only provide IPv4. However, it is possible that you have an IPv6 connection too; so you must check.
Connect to a VPN server.
Open an incognito window and navigate to ipleak.net.
Compare the IPv4 and IPv6 addresses to the ones you got with the VPN switched off. All the IP addresses should now belong to your VPN provider. None of your real IP addresses should be visible and the IP addresses should register as the remote location you selected in your VPN app.
If you are experiencing a straight IPv4 leak: your VPN is not working and you will need to uninstall the software and reinstall it to make sure that it works correctly. It is important to use an uninstaller like Revo that carefully removes the VPN software from all the directories on your hard drive. Also, remove any conflicting VPN clients and Tap drivers you have installed - to be sure that nothing incompatible is causing the issue.
If after reinstalling the VPN you still experience IPv4 leaks - the VPN client does not work and you should approach your provider for your money back (this should not happen with any of the VPNs we recommend on ProPrivacy.com). For more information, please check this guide on IP leaks. If you detect an IPv6 leak, please read the section below.
How to fix IPv6 leaks
Unlike an IPv4 leak, an IPv6 leak can be fixed client-side with relative ease. IPv6 is still in the process of being rolled out, and, for the time being (and into the foreseeable future) it will be possible to revert back to IPv4 to fix VPN leaks being caused by an IPv6 connection. If you detect an IPv6 leak the best course of action is to disable it:
Navigate to your control panel.
Open Network and Sharing center.
Click on Change adapter settings in the left window pane.
Right click on your local network connection and click properties.
Uncheck the box for IPv6 and click OK.
IPv6 connections are now disabled which means your connection will revert back to IPv4 and you will no longer suffer any IPv6 leaks (including IPv6 WebRTC leaks).
Test VPN for WebRTC leaks
The WebRTC bug is a browser-based problem that causes data to be leaked to the websites that you visit. A WebRTC leak allows the websites that you visit to detect your real IP address. Because WebRTC is browser-based, it can easily be fixed in a number of ways:
Install a Chrome or Firefox extension designed to block WebRTC requests. We recommend Easy WebRTC block.
Disable all WebRTC connections from inside your browser (both Firefox and Chrome permit you to disable WebRTC).
For more information on fixing WebRTC leaks please visit our guide.
Testing a VPN for Malware
A study published in 2016 by CSIRO revealed that a huge number of VPNs (particularly free VPNs) contain malware. Among the offending VPN clients, all manner of unwanted spyware, tracking libraries, and other unwanted malicious code was found buried inside the apps.
Anybody who downloads a VPN that is relatively unknown directly from an app store is highly recommended to scan the software for malware before installing it. CSIRO relied on the free online tool VirusTotal to check VPNs apps for malware, and we recommend that you do the same. To do so, simply head to the website, select the file for the VPN you want to check and perform the scan.
Remember that while anti-virus protection like Malwarebytes is good (and will scan your whole system); VirusTotal scans a bunch of online anti-virus services. VirusTotal is actually better for scanning individual files for problematic code.
Finally, please remember that free VPNs are an easy way to open yourself up to severe security issues. The vast majority have very serious flaws, terrible privacy policies, outdated encryption (or none at all), and may contain tracking libraries, spyware, and malware. For this reason, it is vital that if you do decide to use a free VPN, you stick only to one of our recommended services.
Image credits: Profit_Image/Shutterstock.com, legdrubma/Shutterstock.com