VPNs (virtual private networks) are useful for many things. Not only are they one of the best cybersecurity tools, but they are also great for accessing international streaming services, booking cheap flight tickets and much more.

Not all VPNs are the same, however. Free VPNs should generally be avoided, for example, as some have been caught selling on their user’s browsing data in order to make a profit. Even legitimate, paid VPNs can differ greatly when it comes to server choice and connection speeds.

While VPNs are supposed to keep your internet activity private, they can be vulnerable to leaks which can potentially reveal your IP address or allow your internet service provider (ISP) access to your browsing history. Not ideal if you’re using the service in the hope of protecting your privacy online.

Data leaks are also a cause for concern for VPN users who wish to access international online streaming sites. If you find yourself blocked from online streaming even when using your VPN, there is a chance that the streaming service is detecting your real location due to a data leak and is denying you service as a result.

Testing your VPN to see if it is doing its job and protecting your online privacy is fortunately quite easy with the right tools. Here’s a look at three common types of data leak from VPNs, and how to check if your VPN is keeping you protected.

Is your VPN susceptible to dropped connections?

Dropped connections are the most common type of data leak, generally affecting VPNs which are not properly configured. A dropped connection happens when the ‘tunnel’ linking your computer to the VPN server is temporarily disrupted, and your computer connects to whichever site you are on directly. The site will then see your actual IP address, and your privacy is compromised.

Most reliable VPNs offer an option to prevent dropped connections from compromising your security. This option is normally called a ‘kill switch’, as it kills your whole connection if the secure VPN tunnel fails. Ensure that the ‘kill switch’ option is enabled in your VPN client – but if you can’t locate that feature, look into what your VPN provider is doing to prevent dropped connections and if it is really doing its job.

Is your VPN susceptible to DNS leaks?

DNS (Domain Name Servers) are the phone books of the internet. They store all the web domains – website names – and the corresponding IP addresses for finding the server that holds each website.

When you type in a website into your browser’s address bar, your browser finds the address of the website’s server by asking a DNS. This can pose a security risk when you use a VPN, as all your web traffic is supposed to go through a secure, encrypted tunnel, but the DNS request may go outside this tunnel.

Since your computer most likely defaults to using the DNS of your ISP, a DNS ‘leak’ of this kind means that your ISP will be able to see and record all your internet traffic and the websites you visit. This defeats the point of using a VPN for securing your online privacy, so it is something that you want to prevent from happening.

To check if your VPN is susceptible to leaking DNS requests, use a free DNS leak test. If the test tells you that you are vulnerable to DNS leaks, you should enable the ‘force DNS’ option in your VPN app, which most reputable VPNs will have. This option forces your DNS requests to go to secure servers and prevents them from bypassing the secure VPN tunnel.

How DNS leak tests work

A typical DNS leak test involves sending a series of URL requests for your VPN client to resolve, assuming you’re connected through your VPN. Put simply, the test is asking your browser to look up a series of different URLs. The requests will be sent to whichever DNS servers your VPN service uses.

If the IP address that’s returned isn’t that of a server owned by your VPN provider, it means you’re leaking data. If they have one, it’s best to use a test provided by your VPN company – that’s because other tools might not know if the DNS you’re using is a VPN DNS, and might just assume that anything sent back is the result of a leak.

Is your VPN susceptible to WebRTC leaks?

WebRTC (Web Real-Time Communications) is a technology used by many popular online apps including Google Hangouts, Facebook Messenger and Discord. Using peer-to-peer tunnels, WebRTC allows high-definition video and audio to be sent from one user to another in real time.

While WebRTC is a highly useful technology for creating web apps, it also poses a security risk for users of VPNs without WebRTC leak protection. Since WebRTC creates a new peer-to-peer connection between users, this connection will bypass the secure VPN tunnel and potentially expose your real IP address.

Finding out if your VPN is susceptible to this kind of leak is possible using a WebRTC leak test. If you are vulnerable, then you will need to switch off WebRTC from your browser. This will disable apps like Google Hangouts, but will ensure that your online security stays protected.

There are apps available on Chrome, Firefox and Opera for disabling WebRTC, which you can easily find by searching ‘WebRTC block’ in each of their respective extension shops. In Safari, WebRTC is usually disabled by default.

Not all VPNs are alike

While VPNs are great for many reasons, they are still susceptible to flaws just like any other tool. The most important thing about cybersecurity is always being aware that there are possible vulnerabilities, and not taking the privacy of your online activity for granted.