A Guide To Online Data Leaks : What They are, How To Spot Them And How To Fix Them

Whether you're currently using a VPN or planning on using one, there is one thing you understand : privacy is paramount.

In a world where a single piece of your data online can reveal boatloads about you, adding a protective cover on your browsing is no longer an option but rather a requirement. And a VPN is perfect for that, right?

But there is a problem.

Even with a Virtual Private Network, certain tidbits about you can still find their way online. And sometimes it's not the VPN's doing although a worthwhile service will be sure to have a solution.

So here, you'll get to know all about the three most common leaks - and how a top notch VPN service can go a long way in preventing anyone of them.

Have at it...

The leaks

  • WebRTC leak
  • DNS leak
  • IP address leak

WebRTC Leak

WebRTC stands for Web Real Time Communication. It is a feature on most web browsers that enables a peer to peer sharing of information - without the need of installing an additional software. For instance, live audio and video feeds.

So, when do we say that a WebRTC leak has occurred?

You see, this feature requires real IP addresses of the involved parties for a quick and smooth sharing experience. So by design, WebRTC has a way of figuring out the true IP addresses of the devices involved even if they’re connected to a VPN. Once your IP address has been revealed this way, then a WebRTC leak has occurred.

But how do you check for it?

Testing for a WebRTC leak is a straightforward process using a number of websites. Browserleaks is a good option. Make sure to disconnect from your VPN for this first step.

Head over to the website and click on WebRTC leak test. You’re going to end up with quite some information but what is important for you to note is your public IP address. Done?

Now, connect to your VPN and access the test website you used in the first step above. If your public IP address matches the one in step one above, there is WebRTC leak. And you need to fix it ASAP.

The general solution to a WebRTC leak is grabbing a VPN service with WebRTC blocking capabilities. Of course, these features have to be turned somewhere in the settings, so be sure to do so.

Other than that, you can follow specific directions in disabling WebRTC for a select web browsers.

For Firefox, type about:config in the address bar and hit Enter. In the search bar, type in media.peerconnection.enabled . Double click to set to false. You’re good to go.

For Safari, click "Safari" and select "Preferences" from the drop down menu. Head over to "Advanced" and check " Show develop menu in menu bar". Now click on "Develop" and select WebRTC from the drop down menu. Uncheck "Enable legacy WebRTC API ". No more WebRTC leaks.

For Opera Mini, select "Settings" and then "Show Advanced Setting". Click "Privacy & security", then "WebRTC" and mark "Disable non-proxied UDP". All clear.

For Chrome, messing around with advanced settings is not advisable. As such, your only solution ( other than a VPN) is to install extensions specifically designed to deal with WebRTC.

DNS Leak

A Domain Name System (DNS) is what makes browsing the net an easy task. A DNS server links your URL queries to the corresponding IP addresses of host servers, a process that enables you to view the intended web pages.

While this is a good thing, these servers keep records of all the IP addresses that send queries of websites. This way, a whole lot of information about your browsing activities is easily accessible by whomever is running the servers - mainly your ISP. And you never know what they might decide to do with it.

If you’ve chosen to use a VPN, then you’re definitely aware of this risk. With a VPN, the DNS server is run by the company - usually maintaining a strict no logs policy. That means your online activities are not stored anywhere whatsoever.

So in the event that your traffic is going through your ISP’s ( or any other party’s) servers other than your VPN service’s, then that is a DNS leak.

How do you find this out?

Log on to Browserleaks with your VPN disconnected. Click on "IP address" and check out DNS leak test. Note the indicated servers. Basically, there are those of your ISP.

Now, connect to your VPN and repeat the same procedure. If the servers you saw above are still available, there is a DNS leak.

To fix this, check if your VPN has an option of using only their DNS servers for browsing. Allow and proceed. If this option is not available, you should seriously think about switching to a different provider.

Additionally, activating the kill switch guards against any traffic spill off to your ISP in case of sudden drop of your VPN network.

IP Address Leak

An IP address is a unique numerical identifier given to any device that is connected to a network. Through such an identifier, internet-enabled gadgets are able to send information between each other.

For the worldwide web, your IP address is assigned by your ISP.

But with a VPN, you get assigned a different address that is not necessarily in your geographical location. Your true IP address is masked consequently protecting your identity online.

For one reason or the other, this may fail to happen, hence exposing you to your ISP or other third party snoopers. And that is basically what is called an IP address leak.

As with all the above leaks, testing for an IP address leak requires that you disconnect from your VPN.

Go to Browserleaks and take note of the displayed IP address. Now connect to your VPN and check the page again. Same address? That’s a leak.

To guard against it, always ensure the kill switch is on in case your VPN network disconnects unexpectedly. Another route to take is taking to customer support to see if your device is configured properly or to resolve any technicalities from their end.

Additionally, ascertain if your IP address is IPv4 or IPv6. The latter is not protected by all VPNs. So, switching to one that caters for it will be the most worthwhile step to take.


Having a VPN is a significant step towards online privacy. But you shouldn't stop there. Be sure to look out for the above leaks and the corresponding fixes to foolproof your security.




SaaS Content Writer For Hire. https://www.themusundi.com/

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium


NHS Scotland’s Covid Status app criticised over privacy failings

Part 1: A pragmatic guide to building your bug bounty program

Setup AWS Cognito on the Fly for Open search Authentication

Ethereum Pawn Stars: “$5.7M in hard assets? Best I can do is $2.3M”

Cyber Attacks-Winston Churchill says find out what is happening and stop them.

74% of ransomware revenue goes to Russia-linked hackers

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Oscar Musundi

Oscar Musundi

SaaS Content Writer For Hire. https://www.themusundi.com/

More from Medium

Using DutyCalls for IoT applications

Using Google Chat for Elastic Security Alerts

Scale datacenters past the number of VLAN IDs with NSX-T Tier-0 and Q-in-X