WebRTC Leak

Explanation

WebRTC (Web Real-Time Communication) is a browser technology that enables peer-to-peer audio, video, and data sharing — used by services like Google Meet, Discord, and browser-based video calls. To establish direct connections, WebRTC makes STUN (Session Traversal Utilities for NAT) requests that can reveal the device's local and public IP addresses, bypassing VPN tunnels entirely. This is a WebRTC leak. When a user on a VPN visits a site that uses WebRTC, the site can use JavaScript to trigger STUN requests that expose the real IP address, not the VPN IP. Streaming platforms and anti-proxy systems can use this to detect VPN use and enforce geo-restrictions. Browsers like Firefox allow users to disable WebRTC in settings. Chromium-based browsers (Chrome, Edge, Brave) require an extension or VPN with built-in WebRTC leak protection. Most quality VPN apps bundle browser extensions specifically to block WebRTC leaks.