Checking for WebRTC Leaks

WebRTC (Web Real Time Communications) is a network streaming protocol developed by Google for Chrome. The protocol is also built into other popular internet browsers, such as Opera and Mozilla Firefox. It works on desktop browser versions as well as mobile apps.

WebRTC is used for video and audio communication. It was developed to improve the functionality of browser-based multiparty conferences. WebRTC allows users to hold online meetings without using a server to store and relay video or audio. This is achieved by transferring data from one user's internet browser to another. Unfortunately, the protocol has a vulnerability - a third-party user can find out your local IP address.

How WebRTC Leaks Happen

Since users connect directly to use WebRTC, the program provides the user’s IP address to the other side. The users are vulnerable even if they use a proxy or Tor because an attacker can find out the real IP address and the browser makes it even easier.

An attacker only needs to inject special JavaScript code into a web page. The malicious website would then try to trick the program into providing a local IP address as part of communication via WebRTC.

You should check for IP address leaks via WebRTC if you are already taking some measurements to remain anonymous online. If you are not using streaming or online conferencing features, it is best to completely disable the protocol in the program.

How to check for a leak

Our service will test the browser and find out if WebRTC technology is activated. The service will try to get your real IP address through WebRTC vulnerability and compare it with data obtained in other ways.

Your best bet is to double-check for a possible WebRTC leak. The first time, you need to check using a regular internet connection. Then, check after activating the VPN. You should do this test in all browsers used on the device.

Here’s how you would do it:

• Turn off VPN and open the service page in a new tab or window
• Write down any IP addresses it detected
• Close the page
• Connect to the VPN and repeat the test
• If you still see any of the IP addresses you wrote down earlier, your VPN is not properly protecting you.

Testing should be done regularly, especially after updating the browser or installing new programs. Other applications can make changes to the device's network settings or activate a disabled protocol.

How to Fix an IP Leak

The most reliable way to protect yourself from the threat of having your real IP address revealed is to disable this vulnerable point in the browser. Here is how you would do it in the most common browsers.

• Disabling WebRTC in Chrome

The desktop version of the browser from a well-known search engine does not provide users with an easy way to disable the protocol. To deactivate it, you will have to use special plugins, such as WebRTC Leak Prevent or Easy WebRTC Block.

To install the plugin, you need to go to the Chrome web store, find the necessary plugin using the search feature and install it. After activating the plugin, it is better to check the browser for leaks again.

In the mobile version of the program for the Android platform, there is the possibility of a quick deactivation. You need to follow these steps:

• Open Chrome on your phone and go to chrome://flags
• In the search bar, enter disable WebRTC
• Change the value for both parameters to Disabled
• Click on Relaunch Now
• Check for leaks in the program again
• Disabling protocol in Mozilla Firefox

Firefox allows you to deactivate the protocol without installing additional plugins. If you ever need to use the WebRTC protocol, it can always be reactivated. To go to the browser settings, you need to type about:config in the address bar and press Enter. Then, click the "I accept the risk!" button.

In the search bar, you would enter the string media.peerconnection.enabled. Next, you should change parameters to false in the entry that is pulled up. The protocol is now disabled. To check this, run an online leak test.

• Disabling WebRTC in Yandex.Browser

Yandex.Browser uses Chrome, so the steps to disable the protocol will be similar. It is impossible to disable the use of the protocol in a typical way right in the browser. You will need to install a special extension.

In Yandex.Browser, you can install and use extensions and plugins of your choice from the Opera catalog and the Chrome web store. You can install the WebRTC Control plugin from the official web store and activate it. After activation, the extension icon should turn blue, which means you are protected from the IP address leak vulnerability.

• Disabling WebRTC in Opera

Opera allows users to remove the protocol through the settings or using a special extension.

To deactivate the protocol in Opera, you should go to the menu and choose the Settings section. In the "Security" subsection, you would check the box for "Show advanced settings" and select "Disable non-proxied UDP (force Proxy)" in the WebRTC section.

You can also use the WebRTC Control extension. After installing it, the protocol support in the browser will be disabled.

• Disabling WebRTC in Apple’s Safari

There is no need to disable WebRTC in Apple’s Safari. The technology is disabled by default.

You can prevent WebRTC IP address leaks using a VPN. A virtual private network does not allow others to determine the real IP address by substituting it for the address of the VPN service. All data transmitted over the network is securely encrypted and protected from interception.

To connect to the hidemy.name VPN service, you just need to download the application from our website, select a country, server, and click connect. The client will independently set up a secure connection and protect against protocol leaks and other potentially dangerous ways of your privacy being disclosed.

Other benefits of the hidemy.name client:

• Multi-OS support, including Windows, macOS, iOS, Android, and Linux;
• Connection to a secure network with one click on the "Connect" button;
• Usage does not require special knowledge or settings;
• Ability to quickly change IP address without reconnection;
• Protection against detection of real IP when the VPN unexpectedly disconnects;
• Encryption of the connection process with the “Chameleon” function, which allows you to bypass the VPN blocks without being detected;
• Support for multiple protocols: OpenVPN TCP&UDP, L2TP, and PPTP.