Any site that I visit can see my local IP (e.g. 192.168.1.102). Is there any reliable way to block this behavior? (browser setting, OS setting, router setting, etc.) I am particularity interested in Google Chrome and Mozilla Firefox, but any modern open source browser will do. If it is a browser plugin, it should be open source with a solid user base.
By reliable I mean, that I do not need to check the leakage again after every software update.
More info / what I have read so far:
- There was a Chrome plugin that is not working anymore
- Local IP is obtained using JavaScript / WebRTC
- Live Demo here: Demo
- Source code: https://github.com/diafygi/webrtc-ips
- Firefox developers is not going to fix the leak (bug is open from 2014): Bug 959893
- In Private / Incognito mode does not prevent this leak. If you use static IPs, and have non typical local IP (e.g. 10.66.77.88 or 192.168.212.121), then there is no need for Browser fingerprinting . Your external IP + internal IP is perfect fingerprint.
Update 1: It is not duplicate of How to Disable WebRTC in Google Chrome – I want to prevent private / local IP leak, not disable all WebRTC.
Update 2: No, it is not related to header X-Forwarded-For (HTTP_X_FORWARDED_FOR), that is added when user/administrator chooses to do so. In my provided demo it is not your choice… It is Google's and Mozilla's choice to leak your private IP even when using private browsing mode.
Update 3: Ability to determine my local IP allows malicious JavaScript to quickly identify my local subnet and print on my local network printers from any website in the world without me doing anything. Cross-site printing This CSP Demo finds my LAN printers using JavaScript.
Update 4: It is not a good idea to reveal private IP to every website. By seeing your private IP, for example 192.168.88.101, I can guess with very high probability that you are using MikroTik router. Also, I can track particular user event if user uses different browsers because local and remote IP stays the same for some time (hours or even days).
Best Answer
Disable WebRTC with extensions:
In Firefox with addon Disable WebRTC or advanced users can use
about:configto setmedia.peerconnection.enabledto false.In Chrome with extension WebRTC Leak Prevent