Do more on the web, with a fast and secure browser!

Download Opera browser with:

  • built-in ad blocker
  • battery saver
  • free VPN
Download Opera

Opera shows VPN still on but IP actually exposed after waking from hibernation

  • I have been experimenting with the Opera VPN on Windows 10 (48.0.2685.11 (PGO), beta, Windows 10 64-bit).

    The VPN setting was "on". I had a private browsing window open (and I believe this was my only Opera window open). The VPN symbol appeared in the address bar. When I checked my IP address at e.g. it showed as a SurfEasy IP in the Netherlands. All good.

    I left some tabs open. I closed the laptop lid. The computer slept.

    I opened the laptop lid. The computer woke up. I did some stuff. I closed the laptop lid. The computer slept. (This happened a couple of times. Sometimes that "stuff" involved me browsing in the private window, other times I was using other programmes entirely.)

    I opened the laptop lid. The computer woke up. I resumed browsing in the private browsing window. I noticed that I was now getting redirected to UK services as I browsed. I checked and it now showed my UK-based home internet provider and the town I was connecting from. I opened Chrome (no VPN) and checked and it showed the same IP address.

    The VPN indicator in Opera was still there in blue on the address bar! Yet page right below, I could clearly see I was not browsing through the VPN and I was completely exposed. If I had been using the VPN for a serious purpose, rather than experimentation, this would have been a compromising situation.

    This issue is not especially important to me and I am not looking for a personal fix, but I can see it is potentially a serious flaw so I felt I should share it here. I hope there is sufficient detail here that someone may be able to replicate the issue, but feel free to request clarifications if necessary.

    One of the tabs I had open in the private window was Gmail (this Gmail account was accessed only from this tab in Opera, not from any other browser). Checking my google account history logs I can see that today my logged-in locations were the Netherlands, then London (not my hometown so presumably this was via the VPN), then my UK hometown. So my suspicion is that on one of the earlier instances of the computer reawakening the VPN had switched from Amsterdam to London, but on the last instance it had exposed my home IP address.