WebRTC IP Leak
What is WebRTC IP Leak?
WebRTC IP Leak: A browser-side leak in which WebRTC's STUN/ICE machinery exposes a user's real local and public IP addresses, even when a VPN or proxy is active.
WebRTC enables peer-to-peer audio, video, and data in the browser, and to set up direct connections it queries STUN servers and enumerates local network interfaces. A simple JavaScript snippet on any page can read the resulting ICE candidates and recover the user's real LAN address and public IP, bypassing VPN tunnels and HTTP proxies that hide TCP traffic. The leak was first widely reported in 2015 and remains a common deanonymization vector. Defences include disabling non-proxied UDP, using mDNS-anonymized ICE candidates (default in modern Chrome and Firefox), browser extensions that restrict WebRTC, or disabling WebRTC entirely for high-threat profiles.
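To check whether the defences named above are in effect for a browser profile, the ICE candidate lines it produces can be classified by what address each one discloses. The following is an added example, not code from this page: the candidate lines and the `vpnExitIp` value are constructed assumptions, and the verdict labels are this example's own.

```javascript
// Added example. Candidate lines below are constructed, using private and
// documentation address ranges (RFC 1918, RFC 5737); vpnExitIp is an assumption.
const SAMPLE_CANDIDATES = [
  "candidate:1 1 udp 2122260223 192.168.1.23 54321 typ host",
  "candidate:2 1 udp 2122194687 3f2a9c1e-7b4d-4e0a-9c55-0d1e2f3a4b5c.local 54322 typ host",
  "candidate:3 1 udp 1686052607 203.0.113.45 54321 typ srflx raddr 192.168.1.23 rport 54321",
  "candidate:4 1 udp 41885439 198.51.100.7 3478 typ relay raddr 0.0.0.0 rport 0",
];

const isIpLiteral = (a) => /^\d{1,3}(\.\d{1,3}){3}$/.test(a) || a.includes(":");
// RFC 1918 and IPv4 link-local, plus IPv6 unique-local (fc00::/7) and link-local (fe80::/10).
const isPrivateIp = (a) =>
  /^(10\.|192\.168\.|172\.(1[6-9]|2\d|3[01])\.|169\.254\.)/.test(a) ||
  /^(f[cd][0-9a-f]{2}:|fe[89ab][0-9a-f]:)/i.test(a);

// Parse the address-bearing fields of an ICE candidate attribute.
function parseCandidate(line) {
  const m = /^(?:a=)?candidate:\S+ \d+ \S+ \d+ (\S+) \d+ typ (\S+)(.*)$/.exec(line.trim());
  if (!m) return null;
  const raddr = / raddr (\S+)/.exec(m[3]);
  return { address: m[1], type: m[2], raddr: raddr ? raddr[1] : null };
}

function classifyAddress(address, type, vpnExitIp) {
  if (address.endsWith(".local")) return "ok-mdns";   // mDNS-anonymized host candidate
  if (type === "relay") return "ok-relay";            // TURN server's address, not the user's
  if (!isIpLiteral(address)) return "unknown";
  if (isPrivateIp(address)) return "leak-lan-ip";     // raw LAN address disclosed
  return address === vpnExitIp ? "ok-vpn-exit" : "leak-public-ip";
}

function auditCandidates(lines, vpnExitIp) {
  const findings = [];
  for (const line of lines) {
    const c = parseCandidate(line);
    if (!c) { findings.push({ address: null, source: "unparsed", verdict: "unparsed" }); continue; }
    findings.push({ address: c.address, source: c.type, verdict: classifyAddress(c.address, c.type, vpnExitIp) });
    // srflx/relay candidates may repeat the local base address in raddr;
    // 0.0.0.0 or :: means none was disclosed.
    if (c.raddr && c.raddr !== "0.0.0.0" && c.raddr !== "::") {
      findings.push({ address: c.raddr, source: c.type + "-raddr", verdict: classifyAddress(c.raddr, "host", vpnExitIp) });
    }
  }
  return findings;
}

console.log(auditCandidates(SAMPLE_CANDIDATES, "198.51.100.20"));
```

Any `leak-lan-ip` or `leak-public-ip` verdict means the profile still discloses an address the VPN or proxy was meant to hide; a profile with the mitigations active should yield only `ok-*` verdicts.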
● Examples
- 01: A site running RTCPeerConnection and reading ICE candidates to log the visitor's real public IP behind a VPN.
- 02: An ad tag using WebRTC to enumerate internal LAN addresses for cross-device tracking.
● Frequently asked questions
What is WebRTC IP Leak?
A browser-side leak in which WebRTC's STUN/ICE machinery exposes a user's real local and public IP addresses, even when a VPN or proxy is active. It belongs to the Privacy & Data Protection category of cybersecurity.
How do you defend against WebRTC IP Leak?
Defences for WebRTC IP Leak typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for WebRTC IP Leak?
Common alternative names include: WebRTC leak, STUN leak.
● Related terms
- VPN Leak (privacy, № 1214): A failure of a VPN tunnel that lets identifying traffic — IP, DNS, IPv6, or WebRTC — escape outside the encrypted channel.
- DNS Leak (privacy, № 339): A privacy failure in which DNS queries bypass a VPN or Tor tunnel and are sent to the user's ISP or default resolver in cleartext.
- Browser Fingerprinting (privacy, № 127): A stateless tracking technique that identifies a user by combining browser, device, and configuration attributes into a near-unique signature.
- Cross-Site Tracking (privacy, № 241): The practice of linking a user's activity across multiple unrelated websites to build a long-lived behavioural profile.