What Is a WebRTC Leak? When Your Browser Exposes Your Real IP

A WebRTC leak occurs when the WebRTC (Web Real-Time Communication) API in your browser reveals your real IP address, even when you’re connected to a VPN or proxy. WebRTC is a browser technology that enables peer-to-peer audio and video communication without plugins, and to establish these direct connections, it needs to discover your real network addresses, including your local and public IPs. This IP discovery happens through STUN requests that can bypass your VPN tunnel, exposing the real IP address you’re trying to hide.

How WebRTC Leaks Happen

WebRTC needs to find the best connection path between two peers. To do this, it uses a process called ICE (Interactive Connectivity Establishment) that gathers “candidates” from multiple sources:

Host candidates: Your device’s local (private) IP addresses
Server-reflexive candidates: Your public IP, discovered by querying a STUN server
Relay candidates: A TURN server that relays traffic when direct connection is impossible

The problem is that this candidate gathering can happen through network interfaces that your VPN doesn’t control. Even if your VPN routes all regular traffic, WebRTC’s STUN requests may go through your real network interface, revealing your actual public IP.

Any website can trigger WebRTC IP discovery through a few lines of JavaScript. You don’t need to be on a video call. A malicious page can silently enumerate your IP addresses in the background.

Testing for WebRTC Leaks

Connect your VPN
Visit whatismyip.technology
If you see your real IP anywhere alongside the VPN’s IP, you have a WebRTC leak
Check for both your public IP and local network IPs (192.168.x.x, 10.x.x.x)

Preventing WebRTC Leaks

Firefox

Type about:config in the address bar. Search for media.peerconnection.enabled and set it to false. This completely disables WebRTC but also breaks browser-based video calling.

Chrome / Edge

Install a WebRTC control extension like “WebRTC Leak Prevent” or “uBlock Origin” (which includes WebRTC leak prevention). Chrome doesn’t allow disabling WebRTC through settings alone.

Brave

Settings → Privacy and Security → WebRTC IP Handling Policy → select “Disable Non-Proxied UDP.”

Safari

Safari has limited WebRTC support and handles candidate generation more carefully. Leaks are less common but not impossible.

VPN client

Many modern VPN clients (NordVPN, ExpressVPN, Mullvad) include built-in WebRTC leak protection. Check your VPN’s settings for a WebRTC shield option.

The best approach is using a VPN that handles WebRTC leaks at the network level (by preventing STUN requests from bypassing the tunnel) combined with browser-level protections for defense in depth.

Test It Yourself

WebRTC Leak Test

Check if your browser is leaking your real IP through WebRTC. Connect your VPN first, then test.

Open Tool →

Frequently Asked Questions

Possibly. Chrome and Edge are most susceptible to WebRTC leaks. Firefox can be configured to prevent them. Safari has limited WebRTC support with some protections built in. Test your browser at whatismyip.technology to check.

Only if you don't use video/voice calling in your browser. WebRTC powers Google Meet, Discord (web), Zoom (web), and many other communication tools. If you rely on these, don't disable it completely, use a VPN that handles WebRTC leaks or a browser extension that limits WebRTC selectively.