VPN Kill Switch - What is a Kill Switch and Why Should You Use One?
Updated: June 02, 2019
Using a VPN service is the most secure way of browsing the internet anonymously. But what happens if you're disconnected from the VPN or if DNS leaks occur? A VPN kill switch will have you covered.
If you use a privacy service like a VPN to browse anonymously and protect your data, it's crucial that all the internet requests made from your device are encrypted and routed. If traffic leaks outside the VPN tunnel, it breaks the secure connection and your data becomes exposed.
When your internet requests are sent through your default DNS server rather than the VPN service, it can be either because the VPN connection failed or because of DNS leaks. The worst part is you might not even notice your internet connection is no longer secured.
The most effective way to avoid being exposed online when there are troubles with the network is by using a VPN kill switch.
But what is a VPN kill switch exactly, how does it work, and how can you have a kill switch?
First, let's understand what the risks are when you're not using a VPN service with a kill switch.
Regardless of how strong the VPN service you're using is, there is still a risk that you get disconnected from the VPN server or that DNS leaks occur.
When you access a website, for example, your computer sends a request to the DNS (Domain Name System) server to transform the URL of the website into an IP address which is used to receive data from the internet. The DNS server is assigned to you by the ISP (Internet Service Provider) and they log all the requests that go through it, meaning they track all your online activity. When you use a VPN service to create an anonymity network, the requests are sent to the VPN's DNS server.
A DNS leak is a flaw in your network configuration that allows the requests to the internet to be made through the default DNS server, using your real IP address, instead of using the VPN server.
While the content of your traffic remains encrypted by the VPN, these flaws put your privacy at risk because you lose the internet anonymity and your ISP (along with other snooping eyes) will be able to see your IP address and browsing history.
You manually configured the VPN - The risks for DNS leaks are higher when you configure the VPN manually. That's why it's advised to get a VPN service that offers dedicated software that will properly take care of the configuration.
IPv6 leaks - Because the internet is still in transition between IPv4 and IPv6 addresses, IPv6 addresses can pose a problem for VPN services. When you come across websites that only use IPv6 addresses, you might experience DNS leaks.
Someone gets hold of the router - This is a risk you encounter mostly in public places (e.g. coffee shops, airports). A hacker can get access to the WiFi router and force your device to send internet requests outside the encrypted connection.
Your firewall or antivirus program might interfere - When you don't add the VPN connection as an exception, the firewall or antivirus program can block the VPN connection.
Poor WiFi signal - The connection to the VPN server can be affected when the WiFi signal is unstable because there will be data leaks which will force your computer to connect through the default router.
You use public networks - Most exposed to DNS leaks are those who use multiple networks to connect to the internet (home network, coffee shops, public WiFis). These networks are heavily used, which results in an unstable connection.
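The leak paths listed above can be checked from a routing table. The following is an added example, not part of the original article: it runs a longest-prefix match over a constructed Linux-style routing snapshot and reports which destinations would leave the host outside the tunnel. The interface names, addresses and probe list are assumptions.

```python
import ipaddress

# Constructed sample shaped like `ip route show` and `ip -6 route show`
# output on a Linux host: tunnel tun0 over Wi-Fi wlan0 (assumed names).
ROUTES_V4 = """\
0.0.0.0/1 via 10.8.0.1 dev tun0
128.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.1.1 dev wlan0
10.8.0.0/24 dev tun0 scope link
192.168.1.0/24 dev wlan0 scope link
203.0.113.10 via 192.168.1.1 dev wlan0
"""
ROUTES_V6 = "default via fe80::1 dev wlan0\n"
VPN_SERVER = "203.0.113.10"      # constructed VPN endpoint address
PROBES = [                       # constructed destinations to check
    ("web over IPv4", "198.51.100.7"),
    ("VPN DNS resolver", "10.8.0.1"),
    ("ISP DNS resolver", "192.168.1.1"),
    ("web over IPv6", "2001:db8::7"),
]

def parse_routes(text, version):
    """Return [(network, device)] from `ip route`-style lines."""
    default = "0.0.0.0/0" if version == 4 else "::/0"
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if "dev" not in fields:
            continue                       # blank line or route without a device
        prefix = default if fields[0] == "default" else fields[0]
        net = ipaddress.ip_network(prefix, strict=False)
        routes.append((net, fields[fields.index("dev") + 1]))
    return routes

def egress_device(routes, dest):
    """Longest-prefix match: which interface would carry traffic to dest?"""
    addr = ipaddress.ip_address(dest)
    hits = [(net.prefixlen, dev) for net, dev in routes
            if net.version == addr.version and addr in net]
    return max(hits)[1] if hits else None

def audit(routes, tunnel, vpn_server, probes):
    """List (label, destination, device) for traffic that bypasses the tunnel."""
    leaks = []
    for label, dest in probes:
        dev = egress_device(routes, dest)
        # The encrypted link to the VPN server itself must use the physical NIC.
        if dest != vpn_server and dev not in (tunnel, None):
            leaks.append((label, dest, dev))
    return leaks

if __name__ == "__main__":
    table = parse_routes(ROUTES_V4, 4) + parse_routes(ROUTES_V6, 6)
    for leak in audit(table, "tun0", VPN_SERVER, PROBES):
        print("LEAK:", *leak)
```

In this sample the ISP resolver and all IPv6 traffic still leave through wlan0 while the tunnel is up, which are the DNS and IPv6 leaks described above.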
A kill switch is the strongest way to protect your device from unwanted DNS leaks. And we'll go through how it works and its importance further in the post.
A VPN service protects your online privacy by creating a secure tunnel, meaning you are able to browse anonymously without your IP address or browsing data showing to third-party eyes. But even with a solid VPN service, privacy leaks can occur (as we've seen above).
The kill switch makes sure your data is never exposed by mistake and prevents your real IP address from leaking. It automatically stops all your internet traffic if the internet requests fail to go through the VPN server. When your device reconnects to the VPN server, your internet connection will be back up and running.
There are two types of VPN kill switches.
System-level - As the name suggests, this type of VPN kill switch will shut down your entire internet traffic if something goes wrong with connecting to the VPN server. This includes the browsers, applications, email clients, torrent clients - anything on your computer that uses the internet.
Application-level - With this type of kill switch, you're able to choose individual applications to use the kill switch in case of a VPN connection failure.
A VPN kill switch works similarly to a firewall. A firewall examines all the traffic that's coming into or going out of your computer and blocks unauthorized connections based on a set of rules.
The VPN kill switch is set up to receive and send information only when the requests are made through the VPN server. If the connection to the VPN is lost, or if the kill switch senses a sudden change in behavior and IP address (a DNS leak), it will not let the packets of data go through so you're not exposed online.
When the kill switch turns off your connection, your internet won't work, because otherwise the connection would be made through your ISP's server, revealing your IP address. You'll be able to use the internet again once the VPN connection is restored or if you disable the VPN and the kill switch. In the latter case, you lose all of your online anonymity and your privacy is at risk.
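The firewall-like behaviour and the two kill switch types described above can be modelled as an ordered rule list with a default of drop. This is an added example, not code from the article or from any VPN client; the interface names, addresses, ports and application names are constructed.

```python
import ipaddress

TUNNEL, PHYSICAL = "tun0", "wlan0"            # assumed interface names
VPN_ENDPOINT = ("203.0.113.10", "udp", 1194)  # constructed VPN server address

# Constructed flows: (application, destination, protocol, port)
FLOWS = [
    ("browser", "198.51.100.7", "tcp", 443),
    ("torrent", "198.51.100.99", "udp", 6881),
    ("dns", "192.0.2.53", "udp", 53),         # ISP-assigned resolver
    ("vpn-client",) + VPN_ENDPOINT,
]

def build_rules(protected_apps=None):
    """Ordered (match, action) rules. None = system-level kill switch;
    a set of app names = application-level (only those apps are fenced in)."""
    ip, proto, port = VPN_ENDPOINT
    rules = [
        ({"out_if": "lo"}, "accept"),
        ({"out_if": TUNNEL}, "accept"),       # anything inside the tunnel
        # Sole exception on the physical link, so the client can reconnect.
        ({"dest": ip, "proto": proto, "port": port}, "accept"),
    ]
    if protected_apps is not None:
        # Application-level: unlisted apps may still use the physical link.
        rules.append(({"not_app": frozenset(protected_apps)}, "accept"))
    return rules

def matches(key, want, pkt):
    """Compare one rule field against a packet."""
    if key == "dest":
        return ipaddress.ip_address(pkt["dest"]) in ipaddress.ip_network(want)
    if key == "not_app":
        return pkt["app"] not in want
    return pkt[key] == want

def verdict(rules, pkt):
    """First matching rule wins; unmatched traffic is dropped (fail closed)."""
    for match, action in rules:
        if all(matches(k, v, pkt) for k, v in match.items()):
            return action
    return "drop"

def simulate(rules, tunnel_up):
    """Route each flow as the OS would, then apply the kill switch rules."""
    out = {}
    for app, dest, proto, port in FLOWS:
        via_tunnel = tunnel_up and dest != VPN_ENDPOINT[0]
        pkt = {"app": app, "dest": dest, "proto": proto, "port": port,
               "out_if": TUNNEL if via_tunnel else PHYSICAL}
        out[app] = verdict(rules, pkt)
    return out
```

With the tunnel down, `simulate(build_rules(), False)` drops everything except the VPN client's own reconnect traffic, while `simulate(build_rules({"torrent"}), False)` drops only the torrent client and lets the browser and DNS fall back to the physical link.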
VPN services usually allow their users to turn the kill switch on and off based on their preferences.
The kill switch becomes active when it detects there might be a threat to your online privacy. Such cases are:
- When there are network problems and you're disconnected from the VPN server.
- When you connect to unreliable networks such as a WiFi with bad signal - The kill switch won't allow your device to use the default DNS.
- When you're changing your connection preferences such as switching between VPN server countries.
- When it notices a sudden change in internet behavior and IP address.
The easiest way to test if the VPN kill switch is working is by following the steps below:
- Open your VPN client and connect to a server (make sure the VPN kill switch is enabled).
- Open a browser and make sure the connection is made through the VPN by checking the IP address.
- Cut off the VPN connection (without closing the VPN client).
- Go back to the browser, hit refresh, and see if the internet is working.
If your internet is not working anymore, it means the VPN kill switch works and did its job to protect you from getting exposed online.
If the internet is still up and running, something is wrong with the VPN kill switch and you might want to contact your VPN service provider for further help.
A VPN kill switch is most useful for those using a VPN to download torrents.
But a kill switch feature is also beneficial for business owners, those managing sensitive data, journalists, and anyone who, for one reason or another, wants to browse the internet anonymously without the risk of being exposed. The kill switch will make sure your identity is not revealed and hackers can't hack your computer to get hold of your private files.
When it comes to torrenting, you must pay extra attention to how secure your connection to the VPN server is. Even a brief VPN outage is enough for your real IP address and location to be visible, along with the requests made to download a torrent.
A VPN service with a kill switch will shield you against losing your online anonymity if the VPN connection fails or if DNS leaks occur. But while a strong VPN kill switch will secure your connection to a large extent, there are also situations when the kill switch is not enough and you must take extra precautions.
For example, if you're downloading a torrent and your computer reboots before the download is finished, the torrent client will resume downloading as soon as the computer starts. The VPN software and the kill switch might take a bit longer to activate, so there's a small time frame in this situation when your real IP address will be visible.
This can happen with all VPN services. It can be easily solved by using a torrent client that you can configure to download only when you're connected to the VPN server. When you're on the regular connection, it will simply stop sending data.
While there are a couple of alternatives to VPN kill switches, they are not as reliable and efficient.
For example, VPNWatcher is a tool that monitors your internet traffic to certain applications and turns off the internet connection if the VPN connection is down. Mind that you need to set up each application individually. Another way to do this is by creating a task in the Task Scheduler (it's built into Windows).
While these ways are also useful, a VPN kill switch is more handy and effective. If you are already using a VPN service, why not have all the features in the same client, at no additional cost?
Now that we've settled that you need a kill switch to prevent your real IP address from leaking, how do you get it?
More VPN providers have started to add the kill switch feature to their software. Mind that in most cases, the kill switch is not activated by default and you must activate it yourself by accessing the kill switch feature in the VPN client.
The DrSoft VPN software offers a strong VPN kill switch to protect you against those unwanted DNS leaks. In addition, the software uses 256-bit AES encryption, meaning we have your back so you can browse anonymously.
If you haven't used a VPN service before, here are the reasons why you should.