Privacy Tool

WebRTC Leak Test

Checks whether your browser exposes your real public IP through WebRTC, the leak a VPN is supposed to prevent. The test runs automatically, entirely in your browser.

Detection runs in your browser. We never log or store your IP.

To reveal a public-facing address, the test briefly contacts Google's public STUN server (stun.l.google.com), the same mechanism any site using WebRTC relies on. That STUN handshake is the only thing that leaves your browser; the addresses it finds are never sent to us. Only an anonymous pass/fail tally feeds the statistic below.

What Is a WebRTC Leak?

WebRTC lets browsers do real-time voice, video and peer-to-peer data without plugins. To connect two peers directly it has to discover your IP addresses, and any web page can ask for them in JavaScript. A WebRTC leak happens when that discovery reveals your real public IP even though you are behind a VPN or proxy, because the request can slip outside the tunnel.

This matters because it quietly defeats the privacy a VPN is meant to give you: a site can log your true IP (and therefore your approximate location and ISP) while you believe you are hidden.

How to Fix a WebRTC Leak

  • Use a VPN that blocks WebRTC leaks (most reputable ones now do).
  • Install a browser extension that disables or controls WebRTC.
  • In Firefox, set media.peerconnection.enabled to false in about:config.
  • Disable WebRTC in your browser's privacy settings if it offers the option (only some browsers do; Chrome no longer has a native toggle).

After changing a setting, click Run test again above to confirm your real IP is no longer shown. For the full picture, see how to hide your IP address.

Frequently Asked Questions

What is a WebRTC leak?
WebRTC is a browser feature for real-time audio, video and data. To connect peers directly it discovers your IP addresses, and a web page can read them with JavaScript. A WebRTC leak is when this exposes your real public IP even though you expected a VPN or proxy to hide it.
Does a VPN stop WebRTC leaks?
Not always. A VPN routes your traffic, but WebRTC can still discover your real IP through a STUN request that bypasses the tunnel. Many VPNs now block this, but you should test it. That is exactly what this page does.
Is a WebRTC leak dangerous?
It undermines the privacy a VPN is meant to provide: a website can see your real public IP (and therefore your approximate location and ISP) despite the VPN. It does not expose your identity or let someone into your device, but it defeats the point of hiding your IP.
How do I fix or disable a WebRTC leak?
Use a VPN or browser extension that blocks WebRTC, turn WebRTC off in your browser settings (in Firefox set media.peerconnection.enabled to false), or use a browser that lets you disable it. Re-run this test afterwards to confirm your real IP is no longer shown.
Why does the test show a “.local” address or nothing?
Modern browsers hide your local IP behind a random “.local” mDNS hostname, which is good for privacy: there is nothing to leak there. Seeing no public IP means WebRTC is not exposing your real address.
Does this test store my IP address?
No. The detection runs entirely in your browser. To reveal a public-facing address it briefly contacts a public STUN server run by Google (stun.l.google.com), the same mechanism a malicious page would use, but the result is never sent to us, logged or stored.

Related Tools & Guides