Edit Your OpenVPN Config File To Avoid DNS Leaks

There are times when your VPN is working normally, and you’ve already changed your DNS settings, but you still have DNS leaks that can compromise your privacy. One culprit could be your ISP, which may be using a “transparent DNS proxy” that causes the leak. This transparent catches all the DNS queries made through your device, and redirects them towards the ISP’s own servers. This causes the data to travel outside the VPN tunnel, thus ruining your anonymity online.

What’s worse is that ISPs don’t usually notify their subscribers when they use a transparent DNS proxy. You will only know about them when you run a DNS leak test — if you’ve fixed every factor that commonly causes a leak but your queries are still not being encrypted, your ISP may be to blame.

To counter this, you can edit your OpenVPN config file. OpenVPN is among the most commonly used VPN protocols, and there’s a big chance your VPN provider is using it. This guide won’t apply if you’re using a different protocol, so it’s best to check with your settings first.+

Additionally, these steps will only apply if the latest OpenVPN version is being used by your VPN provider. Update your VPN client for the best possible security.

Here are the steps to edit your OpenVPN config file.

STEP 1. Each VPN server has its own .conf or .ovpn file. Find this config file for the server you are trying to connect to. For Windows, it’s usually at C:\Program Files\OpenVPN\. If you need help finding the config file, you can check out this OpenVPN manual.

STEP 2. Once you’ve found the file, open it in a text editing program such as Notepad. For Windows this can be done by right-clicking the file and choosing Open with > Notepad.

STEP 3. Scroll down to the bottom of the file. Add the following string at the very bottom:

block-outside-dns

STEP 4. Save the file, and re-run the DNS leak test. Your ISP’s transparent DNS proxies should no longer be able to see your queries.

Note that most top-notch VPN providers have their own ways to get around these transparent proxies. If these steps didn’t work, you may contact your VPN provider for support. If you find they are not able to address the issue, it may be time to shop around for a new one!