This is important for people to understand. VPNs can’t completely cover your ass even if they are legit no loggers. You need a hardened internet browser as well. Preferably something open sourced like Firefox. Get Firefox (unless you already have) and turn off data collection, disable Flash, set DuckDuckGo as default search, turn tracking protection on always, and put send do not track signals as always. Get key addons like HTTPS everywhere, Ublock, and Disconnect. Then harden your browser’s configs by disabling WebRTC, geo location, fingerprinting, and telemetry. Force your browser to use a SSL negotiation and treat any unsafe negotiation as broken. You can also raise your TLS minimum to make sure nothing but TLS 1.2 is used. Also configure your browser’s cookie policy to dump all cookies upon closing the browser.
There is a plug in for Chrome to block WebRTC leaks. I use ipleak.net to check if anything is not working correctly.
you can make every vpn leak if you poke it enough. also webrtc doesnt leak for me on vpn that are listed as leaking on list.
[/r/netsec discussion](https://www.reddit.com/r/netsec/comments/87q73s/ive_tested_seventy_vpn_providers_and_16_of_them/)
[blog post by voidsec](https://voidsec.com/vpn-leak/)
This is important for people to understand. VPNs can’t completely cover your ass even if they are legit no loggers. You need a hardened internet browser as well. Preferably something open sourced like Firefox. Get Firefox (unless you already have) and turn off data collection, disable Flash, set DuckDuckGo as default search, turn tracking protection on always, and put send do not track signals as always. Get key addons like HTTPS everywhere, Ublock, and Disconnect. Then harden your browser’s configs by disabling WebRTC, geo location, fingerprinting, and telemetry. Force your browser to use a SSL negotiation and treat any unsafe negotiation as broken. You can also raise your TLS minimum to make sure nothing but TLS 1.2 is used. Also configure your browser’s cookie policy to dump all cookies upon closing the browser.
There is a plug in for Chrome to block WebRTC leaks. I use ipleak.net to check if anything is not working correctly.