Are you trusting your VPN service to protect your privacy and security?
Be careful. Most VPNs fail when it comes to protecting their users. That’s why it’s important to test your VPN service using the methods below.
The only way to truly determine how well a VPN performs is through testing. This is especially true since many VPNs market “features” that don’t actually work.
For the tests below I provide two different testing tools. One test may detect problems where another won’t. So it’s a good idea to use both tests for each category.
Let’s get started.
1. DNS leak test
The Domain Name System (DNS) is a system for converting URLs, such as restoreprivacy.com, into a numerical IP address, such as 18.104.22.168. This translation process is normally handled by your internet service provider (ISP), except if you’re using a VPN service. A DNS leak occurs when these translation requests leak out of the VPN tunnel, exposing the IP address (and location) of your ISP.
To run a DNS leak test, connect to a VPN server outside of your country and then visit one of the test sites below:
- Perfect Privacy DNS Leak Test (This is a very accurate DNS leak test tool. It seems to detect DNS leaks when other methods do not find problems. Below the tests results you can also find a detailed explanation of DNS leaks.)
- IP/DNS Test at ipleak.net (This is another DNS leak test tool that also includes IP address leak results.)
Connecting to a VPN server outside your country makes detecting DNS leaks easier. You can see above there are two DNS requests leaking out while connected to a VPN server in the United States.
A DNS leak does not expose your IP address, but instead the IP address and location of your internet service provider (which can be linked back to you).
Solution to DNS leaks: Get a VPN that uses its own secured, encrypted DNS system. Three VPNs that use their own secured DNS system are:
- Perfect Privacy (based in Switzerland; read review)
- VPN.ac (based in Romania; read review)
- VyprVPN (based in Switzerland; read review)
2. IP address leak test (IPv4 and IPv6)
The harsh reality is that most VPNs will leak your IP address – despite what they tell you on their website. One study of Android VPN apps found that 84% of the VPNs leaked the user’s real IP address.
IP address leaks are especially problematic with IPv6 addresses – even with VPN’s promising IPv6 “leak protection” features (see image below).
Many VPNs have a kill switch that should block all internet traffic if the VPN connection drops – assuming it works properly. Here is a (bad) testing result I found when running tests for the the PureVPN review.
Testing for IP address leaks with your VPN is relatively simple. Just connect to a VPN server and then visit the testing websites.
Here are two different options to test for VPN IP leaks:
- IPv4 and IPv6 Test (This checks for both IPv4 and IPv6 leaks.)
- Perfect Privacy IPv4 and IPv6 Test (This will also test both your IPv4 and IPv6 addresses).
When testing your VPN service for IP address leaks, you should consider two different types of leaks:
- IP leaks when the VPN connection is active
- IP leaks when the VPN is reconnecting
The second type of leak is often overlooked, but many VPNs will leak your IP address when reconnecting (such as after a dropped connection). Here’s how to test for reconnection IP leaks.
With your VPN connected and running, disconnect your internet (not the VPN client). After the connection has dropped, reconnect and then run a “rapid-fire” IP test sequence. A simple way to do this, is to have 10+ tabs opened on the IP test page (from above), and then load/refresh every tab as quickly as possible as the VPN client is reconnecting. After your VPN has reconnected, go back and examine every test result. If you have a few positive hits for your real IP address, then you have a reconnection IP leak.
Solution for IP leaks: The best solution is to simply get a VPN that doesn’t leak. (See this list of VPNs that passed all of these tests.)
If you have IPv6 leaks, you can either manually disable IPv6 connectivity on every device you use with your VPN, or you can get a VPN that supports IPv6. IPv6 support means you will get both an IPv4 and IPv6 when connected to a VPN server.
3. WebRTC leak test
A WebRTC leak test is important for anyone using Firefox, Chrome, or Opera browsers.
A WebRTC leak occurs when your IP address leaks out via WebRTC APIs. Here are two different WebRTC leak tests:
- Perfect Privacy WebRTC Test (This tool will test to see if you have a WebRTC leak, while also providing a detailed explanation of WebRTC leaks at the bottom of the page.)
- BrowserLeaks WebRTC Test (Another WebRTC test that works well, also includes helpful WebRTC information.)
Solution for WebRTC leaks: Aside from the obvious solution of using a good VPN that doesn’t leak, you can also disable WebRTC in your specific browser.
4. VPN speed test
If you’re looking to test VPN speed, here are two options:
What affects VPN speed?
There are many factors affecting speed that you should consider when testing. Here are a few:
- Distance between you and the VPN server – This is usually the biggest factor affecting speed. The further the distance, the slower the speed.
- Number of users on the VPN server – With so many VPNs over-selling their services, “popular” VPNs often have overloaded servers which results in slow speeds and dropped connections. Look for a VPN that provides a server status page with real-time bandwidth information. Two examples of this are VPN.ac (see VPN Nodes Status at the top of the page) and Perfect Privacy’s server status page.
- Regional bandwidth restrictions – Many countries have poor bandwidth infrastructure, which will limit your speed, regardless of how fast your ISP or VPN server is. A few examples of this are Germany and Australia. Another regional consideration is how many people are online at a given time of the day. High usage times can slow down speeds for everyone.
- Internet Service Provider – No matter how fast a VPN server is, it won’t be faster than the speed provided by your ISP. The only exception to this rule is if your ISP is throttling (limiting) your bandwidth. They sometimes do this if you’re doing something they don’t like (such as torrenting). A VPN can potentially help with this issue by encrypting your connection and hiding your online activity from your ISP.
- Processing Power – Whenever you’re using a VPN, your computer is working in the background to encrypt and decrypt packets of information. This takes processing power. The faster your internet speed when using a VPN, the more processing power is needed. So even if your ISP and VPN are fast, your CPU may be limiting your full speed potential (but this mainly applies to very high speeds).
If your VPN is failing these tests, you have two options:
- Work with the VPN support department to try to patch or fix the issues; or
- Get a high quality VPN that won’t leak.
I’ve found that most VPN services are low quality because they focus more on marketing than building a good product. People who are new to virtual private networks and less informed are usually targets for the larger (low-quality) providers and those marketing their services.
If your VPN is failing these tests, it’s probably a common issue with the VPN service that affects most users. Sure, you can spend hours with their support department trying to patch things, but it’s also difficult to fix a low-quality product.
If you’re looking for the testing results of a specific provider, you can check out the reviews section. Many of the biggest, most popular VPNs are not recommended on this website, simply because they did not pass all the tests.
The two main criteria I consider when recommending VPNs are testing results and what jurisdiction the VPN is located in. The jurisdiction is important because it affects your data and privacy (avoid mass surveillance countries).
For a full description of my top VPN recommendations, see the Best VPN List.