Check if your browser is leaking your real IP through WebRTC
Loading...
What Is WebRTC and Why Should You Care
WebRTC (Web Real-Time Communication) is built into every modern browser. It powers video calls, voice chats, and direct file transfers between users. Google Meet, Discord, and browser-based Zoom all rely on this technology.
The problem is that WebRTC needs to know your real IP address to establish a direct connection. Your browser sends a request to a STUN server, which returns your public IP. This all happens at the browser level, completely bypassing your proxy or VPN. So even if you’re connected through a proxy or VPN, WebRTC can still hand your real address over to any website.
That’s why running a WebRTC leak test is a must whenever you set up a proxy, VPN, or antidetect browser. The tool above sends a request to Google’s STUN server, grabs the IP from the ICE candidates, and compares it to your external address. If they don’t match, your browser is giving away your real IP and your anonymity is compromised.
How to Read the Test Results
- No leak detected (green status). The public IP obtained via STUN matches your external IP address. If you’re connected through a proxy or VPN, it means WebRTC is also routed through the tunnel and your real address stays hidden.
- Leak detected (red status). The STUN server returned an IP that’s different from your external address. WebRTC is bypassing your protection, and any website can grab your real IP. You need to disable or spoof WebRTC.
- WebRTC blocked (blue status). The browser couldn’t create an RTCPeerConnection, and the STUN request never went through. This is typical for antidetect browsers like Dolphin{anty}, AdsPower, and GoLogin — they block or spoof WebRTC at the profile level. No leak is possible.
How to Disable WebRTC in Your Browser
Google Chrome
Chrome doesn’t let you disable WebRTC through its built-in settings. There are two workarounds. First: install the WebRTC Control extension or WebRTC Network Limiter (the official one from Google). Second: install uBlock Origin, open its settings, and enable “Prevent WebRTC from leaking local IP addresses.” After installing, refresh the page and run the test again. The status should change to “No leak” or “WebRTC blocked.”
Mozilla Firefox
Firefox lets you disable WebRTC in about 30 seconds with no extensions needed. Type about:config in the address bar, accept the warning, find the media.peerconnection.enabled parameter, and toggle it to false. This completely kills WebRTC. Browser-based video calls will stop working too, but if you’re testing proxies or managing multiple accounts, that’s a fair trade-off.
Opera
Go to Settings, then Advanced > Privacy & security, scroll down to the WebRTC section, and select “Disable non-proxied UDP”. This stops the browser from sending STUN requests that bypass your proxy.
Antidetect Browsers
In Dolphin{anty}, AdsPower, GoLogin, and Multilogin, WebRTC is controlled at the profile level. In your profile settings, find the WebRTC section and pick a mode: Disabled (completely off), Altered (spoofed to match proxy IP), or Real (no protection). For working with proxies, Altered is the best choice — it feeds the proxy IP into the WebRTC response, so the website sees the same address across all checks.
WebRTC and Proxies: What You Need to Know
HTTP and SOCKS5 proxies do not protect you from WebRTC leaks. Proxies operate at the HTTP connection level, but WebRTC uses UDP and contacts the STUN server directly, skipping the proxy entirely. So even with a proxy active, your browser can still expose your real IP through WebRTC. If you’re just getting started with proxies and aren’t sure where to find your address and port, we have a step-by-step guide for that.
VPNs offer better protection because they capture all system-level traffic, including UDP. But there are exceptions — some cheap VPNs let WebRTC requests slip through. If you want a VPN-like tunnel with zero leaks, check out our guide on setting up VLESS Reality: it encrypts all your traffic and doesn’t get flagged as a VPN.
For managing multiple accounts through proxies, the best setup is an antidetect browser with WebRTC Altered mode plus a quality residential or mobile proxy. This combo plugs the leak at the browser level and gives you a clean fingerprint. You can find trusted providers in our residential proxy ranking. And if you need to route all traffic on your home network through a proxy, here’s a guide on setting up a proxy on your router.
Frequently Asked Questions
What is a WebRTC leak?
A WebRTC leak happens when your browser exposes your real IP address through WebRTC, even if you’re using a VPN or proxy. The browser sends a request to a STUN server to set up a peer-to-peer connection and gets your real public IP in return. Any website can intercept that response and figure out who you are.
How do I check for a WebRTC leak?
Use the test at the top of this page. The tool detects your external IP via a regular HTTP request, then gets your IP through a WebRTC STUN server and compares the two. If they match, there’s no leak. If they’re different, WebRTC is exposing your real IP. For a second opinion, you can also open browserleaks.com/webrtc alongside this test.
My VPN is on but the test shows a leak. What do I do?
That means your VPN isn’t catching WebRTC traffic. You have three options: install the WebRTC Control extension or uBlock Origin with WebRTC blocking enabled; disable WebRTC in your browser settings (Firefox: go to about:config, set media.peerconnection.enabled to false); or switch to a VPN with built-in WebRTC leak protection (ExpressVPN, NordVPN, Surfshark).
Does a proxy protect against WebRTC leaks?
No. HTTP and SOCKS5 proxies don’t intercept WebRTC traffic because WebRTC runs over UDP and contacts the STUN server directly. To prevent leaks when using a proxy, use an antidetect browser with WebRTC set to Altered or Disabled mode.
What does the ‘WebRTC blocked’ status mean?
It means the browser couldn’t establish a WebRTC connection. No STUN request was sent, so no IP was revealed. This is standard behavior for antidetect browsers (Dolphin{anty}, AdsPower, GoLogin), browsers with WebRTC disabled, and extensions like WebRTC Control. It’s a safe status — no leak is possible.
How is a WebRTC leak test different from a DNS leak test?
A WebRTC leak test checks whether your IP address is being exposed through STUN servers in the browser. A DNS leak test checks whether your DNS queries are going through your ISP’s server instead of your VPN or proxy. These are two separate leak channels, and you should test for both. WebRTC reveals who you are; DNS reveals where you go.
Which browsers are vulnerable to WebRTC leaks?
Any browser with WebRTC enabled: Google Chrome, Mozilla Firefox, Microsoft Edge, Opera, Brave, and Yandex Browser. Safari is more secure than the rest — it blocks website access to the camera and microphone by default and requires explicit permission. Mobile browsers on Android (Chrome, Firefox) are also vulnerable.
How does the WebRTC Altered mode work in antidetect browsers?
Altered mode replaces the IP address in the WebRTC response with your proxy’s IP. The browser still sends a STUN request, but the ICE candidates return the proxy server’s address instead of your real one. To any website, it looks like both the WebRTC and HTTP connections are coming from the same IP. That’s why Altered is the best mode for managing multiple accounts.
Will disabling WebRTC break any websites?
Browser-based video calls and voice chats will stop working — that includes Google Meet, Discord (web version), Facebook Messenger, and Zoom. Regular browsing, social media, email, and streaming (YouTube, Netflix) will all work just fine. If you don’t make calls through your browser, disabling WebRTC won’t affect anything you do.
Should I test for WebRTC leaks on my phone?
Definitely, especially on Android. Chrome and Firefox on Android support WebRTC and will leak your IP just like they do on desktop. iOS is in better shape — Safari restricts WebRTC by default. But if you’re using Chrome on an iPhone, it’s still worth checking. Just open this page on your phone — the test works on mobile devices too.