WebRTC (Web Real-Time Communication) is an API drafted by the W3C that supports browser-to-browser applications for voice calling, video chat, and P2P file sharing (without the need of either internal or external plugins). WebRTC implements STUN (Session Traversal Utilities for Nat), a protocol that allows the discovery of your externally assigned IP address (to faciliate the applications above).

Due to the way in which Windows selects the adapter when sending traffic (source IP address selection), the request to the STUN server may leak outside of the VPN and expose your ISP issued IP address. However if you are using a VPN firewall (such as the IVPN firewall that is built into the Windows IVPN client) then these leaks will be blocked). However it is still possible for the site to identify your internally assigned IP addresses as these are detected by the browser locally using javascript. Please follow the instructions below to disable WebRTC.

To test whether you are vulnerable please visit this demo page.

Mozilla Firefox

  1. Type about:config in the address bar.
  2. Scroll down to media.peerconnection.enabled, double click to set it to false.

Internet Explorer

No action is neccessary.

Google Chrome

  1. Locate your Chrome user preference file.
    • Windows Vista / 7 / 8 / 8.1: C:\Users\(your username)\AppData\Local\Google\Chrome\User Data\Default\Preferences
    • macOS: ~/Library/Application Support/Google/Chrome/Default
    • GNU/Linux: ~/.config/google-chrome/Default
  2. Exit Chrome and save a backup copy of the file somewhere else. Make sure Chrome is not running in the background.
  3. Open the Preferences file in a text editor (e.g. Notepad, Sublime Text).
  4. Add these lines to the bottom of the file, paying attention to the format. (Just follow the format of the other lines, adding a comma if necessary.)
    "webrtc": { 
        "multiple_routes_enabled": false 
    }
    
    If your accidentally made an error and Chrome won't start anymore, you can replace the Preferences file with the backup copy you saved earlier.