Review: NordVPN

Internet security has never been more important. We’re getting to the point where everything has to be encrypted to ensure that prying eyes are kept well away from our data.

Even so, that still doesn’t stop data leaking, with the latest leak of 773 million records containing 2,692,818,238 rows of data having been released to the internet at large. I highly recommend using Have I Been Pawned? to check to see if any details (email or passwords) have been gathered across the plethora of public leaks.

VPNs are becoming more important when on the road where public Wi-Fi is inherently insecure and dangerous.

Now, it’s unlikely that any of the leaks are the responsibility of unencrypted traffic from your computer to the server, with man-in-the-middle attacks slurping your credentials when you’re at home and using your own router and ISP. But it’s possible but unlikely (though more likely if you’re connecting to terribly insecure public Wi-Fi). Most of the time these are going to be a combination of things: malware, unpatched exploitable security holes allowing attacks to access servers and their data directly, terrible methods of storing data, stupid password policies, stupid sysadminning, and everything else in-between.

But this still doesn’t mean you shouldn’t take additional measures to ensure your online safety. A VPN can help you to protect your online privacy. Data will leave your device encrypted through your ISP’s (or public Wi-Fi) connection and exit through to the internet through a dedicated server. This makes it difficult to track back traffic to your computer, tablet or phone and stops your ISP (or Wi-Fi provider and any other potential third party threat) from spying on you.

VPNs can also bypass geographical restrictions. There are many US news sites that haven’t sorted out their EU policies and just block any EU user from accessing their web sites.

NordVPN offers 5,200 endpoints across 62 countries and 6 continents for a very low monthly price based on annual payment. And they also offer dedicated IP facilities where ISPs cannot

I’ve not been a big user of VPNs until now. But there is one big advantage of using a VPN service. And not all of them offer this particular feature: a dedicated IP. In my job (and as my hobby, running this server), having a dedicated IP makes it much easier to lock down a server and access it from specific IP addresses. IPv6 doesn’t seem to be making the kind of impact it should be these days which would make it much easier for ISPs to give each user a dedicated IP. Sky, my current provider, used to do this – but they then withdrew the service by the time I came back to them from Virgin.

I picked NordVPN for my VPN service. They’ve been advertising quite a bit on UK TV, and have had some very good reviews. I tested them out a couple of times via iTunes subscription, but have now committed to three years (paid up front) for around £100 (including VAT). Their dedicated IP service costs an extra £66 a year, but it allows me to use my own OpenVPN client across any device (so it’s on my iPhone and iPad Pro as well as my Mac). So far it’s been extremely useful, and most importantly, reliable.

I can still use my regular NordVPN account with random servers (they have over 5,200 servers (or endpoints) across 6 continents and 62 countries. They provide their own VPN client which makes it very easy to select different countries (and servers within those countries) along with speciality servers such as Onion over VPN.

Support is good, with live chat available. Most problems are easily fixed through the chat. It took a couple of days to set-up the dedicated IP, but that’s to be expected.

The only problems I’ve encountered with using NordVPN overall is that some WAF/CDNs tend to flag the IPs from some of the hosting providers that NordVPN as potential troublemakers. There were a number of occasions connected via a non-dedicated IP connection where “Access denied” popped up from an Akamai hosted site, and WordFence – a popular WordPress security plugin – also seemed unhappy with the IP I was using.

The problem is that with VPN connections, they will appear to come from a dedicated hosting company rather than an established broadband ISP. This can potentially have a negative impact as, in my line of business, this can potentially be flagged up as a potential bad actor or a bad crawler/robot – hence Akamai and WordFence’s response.