WebRTC is a technology that allows users to communicate with video and audio directly in the browser without any plugins installed. An unfortunate side effect is that your real IP is at risk to being exposed, stripping you of your anonymity.
However, you can disable WebRTC. Learn more about WebRTC on Wikipedia.
Please note that disabling WebRTC will cause some websites that use it to not work properly. You might therefore want to re-enable it when you're not using Mullvad.
How do I test my browser?
Visit our Am I Mullvad website to check whether or not your browser uses WebRTC. You're safe if the WebRTC box is green. If it's red, then follow our instructions below for disabling WebRTC.
You can also check for WebRTC leaks with Browserleaks.com. Check that the Public IP Address is either n/a or showing your Mullvad IP-address.
Disable WebRTC in your browser
Firefox – easy method
Desktop and Android users can use the Disable WebRTC plugin for Firefox. Click on the "Add to Firefox" button and follow the instructions to install the plugin.
Once installed, it will disable WebRTC by default. You can check by looking for the plugin's 'W' icon in the Firefox toolbar. The plugin is working if the icon is green. Click it and it will turn red, meaning that WebRTC is enabled again.
Firefox – advanced method
Use these instructions if you wish to manually disable WebRTC:
- Type "about:config" into the address bar and hit Enter.
- Click the button "I accept the risk!".
- Type media.peerconnection.enabled in the search bar. Only one entry should appear.
- Right-click on the entry and choose "Toggle" to change the Value column to "false".
To enable WebRTC again, follow the instructions until the Value column changes back to "true".
Internet Explorer has not implemented WebRTC.
Checking for leaks with other browsers
Am.i.mullvad.net may say
Failed checking for WebRTC leaks. This does not mean that the browser is leaking, just that it was not able to check. Here are some tips for making it work.
You can temporarily disable Anonymize local IPs exposed by WebRTC in the chrome://flags experimental settings and relaunch the browser. However this will start to expose your internal local VPN IP address in WebRTC requests. Set it back to default after checking for WebRTC leaks with am.i.mullvad.net.
For better security use Firefox instead, as there is currently no better working solution for Chrome and plugins are easily circumvented.
iOS users: Chrome on iOS does not seem to implement the vulnerable parts of WebRTC yet.
Advanced users: read our Advanced options section.
Microsoft Edge (legacy)
There is currently no way to disable WebRTC in old Edge, however you can prevent it from leaking your local IP address. To do this navigate to "about:flags" and tick the box next to Hide my local IP address over WebRTC connections.
Microsoft Edge (Chromium)
You can temporarily disable Anonymize local IPs exposed by WebRTC in the edge://flags experimental settings and relaunch the browser. However this will start to expose your internal local VPN IP address in WebRTC requests. Set it back to default after checking for WebRTC leaks with am.i.mullvad.net.
macOS users: Click on Safari, then go to Preferences -> Advanced -> Enable "Show Develop menu in menu bar", after that open the Develop menu > Experimental Features, and then uncheck WebRTC mDNS ICE candidates in the bottom. However this is an experimental feature so we recommend that you instead use Firefox as your browser and follow our instructions for disabling WebRTC in Firefox.
iOS users : Go to the Settings app, tap on Safari, scroll all the way down, and tap on Advanced, and then in Experimental features, disable WebRTC mDNS ICE candidates. (do keep in mind it is an Experimental feature)
Go to Settings and click on the Magnifying glass icon in the top right corner and search for "webrtc". Under "WebRTC IP Handling Policy" select Default public Interface only. This won't disable WebRTC but it will make sure it uses the default route. Am.i.mullvad.net will not be able to check for leaks if WebRTC is set to "Disable Non-Proxied UDP" or if Fingerprinting is set to "Block all". However those settings are recommended.
- ScriptSafe plugin for Chrome