After setting up OpenVPN on my private vps, I decided to check if it was known that I’m using one. I went to the first website I could find, this one: https://proxycheck.io/, and immediately it said I was. I have no clue how it would have know I was, as I have never used it as one before, never checked any websites with it etc. Does anyone know how this website could figure it out straight off the bat?
Edit: I did some more research, and it looks as if it’s flagging my ip for being that of a host.
There are several ways they can detect if you’re using a VPN and/or proxy. It’s impossible for them to know with absolute certainty whether or not you’re using a VPN. I will list some of the methods that they use:
IP address of the VPN endpoint (your public IP when connected to the VPN) can give you away if you’re using a public VPN. Public VPN providers share VPN IPs with many users and these VPN IPs get flagged as known VPN IPs. This likely isn’t your issue since you setup a private VPN on a VPS, however keep in mind somebody had that VPS before you so the IP address could have been flagged from a previous renter’s usage of it.
DNS leaks are commonly used to detect if somebody is using a VPN. Your DNS server IP address should be the same IP as your VPN endpoint, this means your VPN is not leaking DNS requests to 3rd party DNS servers. If your VPN does allow 3rd party DNS servers, websites could use a 3rd party DNS server to potentially uncover your real (non-VPN) IP address. You can check for DNS leaks with sites like: dnsleak.com and dnslesktest.com
IPv6 address leaking. Depending on your home ISP, you may or may not have a public IPv6 address. You can check if you have a public IPv6 address by going to ip6.me and doing IPv6 only test. If you do have a public IPv6 address, you either need to configure your VPN to tunnel IPv6 through your VPN (so you’ll see your VPS’s IPv6 IP) or you need to disable IPv6 completely on your home computer and/or network. You can disable IPv6 on your home network by logging into your router (if your router has this capability.) It’s better to disable IPv6 on your device that you’re using with your VPN. Here are some guides for disabling IPv6 on Ubuntu Linux and on Windows 10. You can disable IPv6 on Android as well, but it requires root. There are some methods to turn IPv6 off for mobile data without root by changing APN settings, but I won’t go into this because it’s better if you setup your VPN VPS server to tunnel IPv6.
WebRTC in your web browser is another common leak that tells websites you’re using a VPN. You can check this at ipleak.net (each browser handles WebRTC differently.) WebRTC can leak your home IP address which would be telling that you’re using a VPN. WebRTC can also leak the local IP address of your VPN connection, which would cause ipleak.net to show an IP in the 10.0.0.0/8 subnet; leaking a local IP address isn’t necessarily indicative of VPN use (because your home network leaks its local IP address as well) but VPNs like OpenVPN very often use local IPs in the 10.x.0.x range, while home local IPs are usually in the standard 192.168.0.x range.
I’m probably going into too much detail, just use ipleak.net to check and make sure that your VPN is not leaking your home IP via WebRTC and/or your IPv6 address is not leaking.
It’s possible that your VPS IP is in an IP subnet that has been flagged. Common VPS providers (like Amazon) are most likely to be flagged. I cannot say for sure how your VPN use is being detected because there are so many possible methods of detecting probable VPN usage. The most important thing for you is to make sure your VPN is not leaking your home IP (ipleak.net is good testing site for this.)
It’s also worth noting that OpenVPN commonly uses UDP port 1194 for VPN connections, a website could scan your VPS VPN IP on UDP port 1194 just to check if the port is open. If they see that port is open, this is another good indicator of a VPN IP address. You can mitigate this by using a different port for OpenVPN (any port is fine, TCP port 443 is common as a secondary OpenVPN port because most servers have this port open anyways.) You can firewall UDP port 1194 after you switch OpenVPN to another port so if they check that standard VPN port they’ll see that it’s closed.
Really sick of having a VPN, but having to constantly turn it off because some sites aren’t functional when they can detect them. Super annoying… off to read some more.
(Just dropped this note so you know that someone has read your words on the internet, 3 years later.)
