- Server Locations 141
- Average Speed 9.1 Mbit/s
- Simultaneous Connections 5
- Jurisdiction Hong Kong
- 2000+ servers in 141 counties
- Fantastic for streaming
- P2P: yes (on selected servers)
- Five simultaneous connections
- No logs
- IPv6 leaks in macOS
Alternative VPN Choices for You
|From $2.99 / month||
BestVPN.com Score 9.8 out of 10
|Visit Site Read Review|
|From $6.67 / month||
BestVPN.com Score 9.5 out of 10
|Visit Site Read Review|
|From $2.75 / month||
BestVPN.com Score 9.5 out of 10
|Visit Site Read Review|
24 month Plan
12 month Plan
1 month Plan
As is usual, PureVPN’s pricing tiers only relate to how long you buy a subscription for. All customers have access to all of PureVPN’s features. It has to be said that the one-month plan is a little pricey, but the per month cost if you buy an annual subscription or longer is downright cheap!
A 31-day money back guarantee is available (7-days if only purchasing a one-month subscription), but do be sure to cancel this in time if you don’t wish to continue with your subscription. PureVPN has a reputation for being strict with refunds. A safer option is to pay $2.50 for the 3-day trial.
PureVPN accepts payment via credit/debit card, PayPal, AliPay, and CashU. Potentially anonymous payment is possible via gift cards or a variety of cryptocurrencies processed by US-based third-party payment provider PaymentWall.
As we discuss later, however, PureVPN is not a good choice for those who need a great deal of privacy. The benefits of paying for PurePN anonymously are therefore somewhat limited. It is also worth noting that payment using potentially anonymous methods is non-refundable.
|Bare metal or virtual servers||Bare metal|
PureVPN clearly marks which locations are virtual i.e. do not have a physical server located there, but which are spoofed using fancy smart DNS routing. For most users, whether or not they are using a virtual location will be utterly irrelevant.
In locations where physical servers are used, they are all bare metal single-tenancy servers. This is good because bare metal servers are much more secure than software VPS instances hosted on shared servers.
PureVPN WiFi Security
This nifty feature automatically detects when you connect to an unrecognized WiFi network offers to secure your connection by turning on the VPN. This is a great way to ensure you never surf the internet on an insecure WiFi hotspot without the protection a VPN affords.
Dedicated IP addresses
One of PureVPN’s biggest strengths is that it will unblock just about every streaming service known to humankind. This includes services such as BBC iPlayer and Netflix which bock IP ranges known to belong to VPN companies.
PureVPN can do this because (slightly confusingly) it offers two kinds of “dedicated IP address.” The first kind are IPs temporary created to access a particular event or online streaming service. So they are “dedicated” to that even or service, but are shared among many users.
If you find a service blocked to VPN users then simply contact PureVPN’s 24/7 Live Chat support and they will almost certainly be able to provide you with a server IP address that works.
In addition to this kind of “dedicated IP,” PureVPN leases out the more traditional kind of dedicated IP for $1.99 per month. These are single-user IPs which are unique to your account.
These unique personal IPs are also good for getting around blocks which target known VPN IP ranges. In addition to this, they are useful for people who run things like games servers or who want to access LAN resources which require connecting to a fixed static IP address.
Advanced port forwarding
Like most modern VPN services, PureVPN offers a NAT firewall to prevent unsolicited incoming connections. The problem with NAT firewalls is that they are good for security, but are something of a downer if, like P2P torrent-heads, you actually want unsolicited incoming connections in order to better facilitate file-sharing.
Port forwarding solves this problem by allowing users to open holes (ports) in the NAT firewall through which incoming connections can pass. In addition to torrenters, this feature is useful for anyone who wishes to access resources such as printers, LAN drives, and games or media servers that are behind the VPN.
Please see our Ultimate Guide to VPN Port Forwarding for a full discussion on this feature, including potential issues.
It is worth noting, though, that port forwarding does not work if shared IPs (NAT Network) are used.
Does PureVPN unblock Netflix?
In addition to our benchmark Netflix and BB iPlayer services, PureVPN unblocks Amazon Prime, Hulu, and many more. Indeed, thanks to its use of dedicated IPs (both kinds) PureVPN is one of the very best VPN services on the market for unblocking streaming services and accessing restricted sporting events.
Speed and Performance
Below is a live chart showing the current five fastest performers in our ongoing advanced speed tests.
It must be said that we have seen a notable decline in PureVPN’s overall speed performance over the last year. The last year’s average speeds work out at a respectable 29 Mbits/s, but over the last month, we have recorded an average of just 9.1 Mbits/s.
This does, however, not tell us the full story as the last month’s max speed results were a very respectable 232.8 Mbits/s. This means that, as long as you connect to a nearby server, you are likely to experience excellent speed performance when using PureVPN.
DNS lookup times are a little underwhelming (0.52 seconds average, and 6.97 seconds maximum) and PureVPN users’ suffer the longest average wait times on our books when connecting to the service. But this is still only 14.1 seconds.
We ran IP leak tests using the open source ipleak.net tool. All tests were performed in a fresh virtual machine with just a browser that supports WebRTC installed. We set this browser to private/incognito mode for each test to prevent caching issues confusing the results.
In Windows, we detected no problems, but the macOS client leaked our IPv6 address via both regular DNS and WebRTC.
No WebRTC IPv4 leaks were detected when we disabled IPv6, though, so Mac owners with IPv6 connections should be fine just manually disabling IPv6 in macOS. But just to be sure, we recommend also disabling WebRTC in your browser.
No IP leaks were detected when using the browser proxy add-ons, although it is worth noting that the add-ons’ “Prevent WebRTC leak feature” only prevents WebRTC leaks for its own proxy connections. It does not prevent WebRTC leaks when using the VPN.
We are currently unable to test for IPv6 leaks in Android but detected no IPv4 leaks of any kind.
BestVPN.com SpeedTest (max/burst)
BestVPN.com SpeedTest (average)
WebRTC leak detected?
Ease of use
PureVPN offers custom apps for Windows, macOS, Android. In addition to regular Android, PureVPN offers custom apps for the Amazon Firestick and Android TV. PureVPN also has browser extensions for Chrome and Firefox, and custom applet for Kodi and DD-WRT. Phew!
A new OpenVPN Linux app is available, although this is command line only. An iOS app is not available at the time of writing this review but is undergoing review from the App Store.
Good manual setup guides are available for a bewildering combination of platforms and VPN protocols. This includes iOS, Linux (many distros) and a variety of routers.
The Windows Client
The Windows client features a rather cute animation while it installs. Once installed it looks smart and is packed with useful features.
It starts by asking you which mode you want to use: stream, internet freedom, security/privacy etc. PureVPN does not explain in detail what difference each mode makes to your connection settings, so we’ll just assume they are correctly optimized for the advertised tasks.
VPN Hotspot uses Windows 10’s built-in Hotspot feature to allow other devices to connect through Windows to the internet while benefiting from VPN protection. This definitely cool, but is only available to Windows 10 users and only if you a have WiFi interface that is compatible with the windows Hotspot feature (many aren’t).
We are pleased to note that features which were once available to mainstream users are now where they belong – in Beta, and only available to volunteer guinea pigs. This includes split-tunneling and “Gravity” (an ad-blocker and a safe search feature which filters out explicit results from a selection of popular search engines).
By default, the Windows client uses the IKEv2 VPN protocol. This is an increasingly popular choice because although not battle-tested in the way OpenVPN is, IKEv2 is widely considered secure and is undoubtedly faster than OpenVPN.
It is good to see that IPv6 leak protection is now enabled by default, although the firewall-based kill switch is not. This is the better kind of kill switch, as it prevents any traffic entering or exiting your PC outside the VPN tunnel. It also survived a simulated software crash, and so uses system level Firewall walls. Again, this is good.
Like most VPN services, PureVPN offers shared IP addresses. Unlike most VPN services, this feature is optional. You only gain the privacy benefit of using shared IPs with the NAT network option enabled. Non-NAT-users are assigned a unique IP address.
It is therefore important to note that by default PureVPN’s software will select NAT or non-NAT connections based on availability. If you want to use shared IPs then you must specify NAT Network type in the client’s advanced settings.
The Mac app appears identical to the Windows app in almost every way. One thing it doesn’t have is IPv6 leak protection, so you will need to disable IPv6 manually in macOS. It does appear to prevent WebRTC IPv4 leaks, but again, does not block WebRTC IPv6 leaks.
At present, the Mac client does not support IKEv2. It uses the SSTP VPN protocol by default, but this can be changed to OpenVPN (UDP or TCP). Because it uses the macOS built-in VPN client by default, the VPN will remain in place even if the PureVPN client crashes.
The Android app sports possibly even more features than the desktop apps. It offers port forwarding, a kill switch and “secure WiFi.” The only VPN protocols supported are OpenVPN (UDP or TCP) and IKEv2, but as these are the only VPN protocols you should be using these days, this is really isn’t an issue.
The command line OpenVPN app for Linux work wells, but is rather basic. Other than coming pre-configured for PureVPN, we can see no advantage to using it over the regular OpenVPN command line client.
Browser proxy add-ons are available for Firefox and Chrome. These are useful for quickly spoofing your location, but provide no security or privacy benefits as proxy connections are not encrypted.
Our 2019 Customer Service Awards audit was generally very favorable for PureVPN. Its 24/7 live chat staff are knowledgeable about most things we expect front-line support staff to be knowledgeable about and were happy to pass on queries about more technical matters to the correct department for an email response later.
These email responses were, in general, fast and answered our questions well. The only issue was that we failed to receive any response for one of our harder questions.
Privacy and security
PureVPN is based in Hong Kong, which despite being governed by China enjoys some of the freest and uncensored internet access in the world.
VPN providers in Hong Kong are not required to keep any form of logs, but PureVPN does anyway. It does not keep usage of which websites you visit, but it does keep detailed metadata connection logs.
“We Do Not monitor user activity nor do we keep any logs. We, therefore, have no record of your activities such as which software you used, which websites you visited, what content you downloaded, which apps you used, etc. after you connected to any of our servers.”
… is heavily qualified by the following statement:
“Our servers automatically record the time at which you connect to any of our servers. From here on forward, we do not keep any records of anything that could associate any specific activity to a specific user. The time when a successful connection is made with our servers is counted as a “connection” and the total bandwidth used during this connection is called “bandwidth”. Connection and bandwidth are kept in order to maintain the quality of our service.”
On the client, different modes use likely use different protocols, although IKEv2 and SSTP appear to be the defaults. When using OpenVPN, PureVPN uses the following settings:
Data channel: an AES-256-CBC cipher with HMAC SHA1 hash authentication.
Control channel: an AES-256-CBC cipher with RSA-2048 handshake encryption and HMAC SHA384 hash authentication. Perfect forward secrecy is provided via a Diffie-Hellman (DHE) key exchange, although we don’t know the key length for this.
This is a secure setup that matches or exceeds our minimum recommendations on all points. Please see the VPN Encryption Guide for more details.
As already noted, PureVPN uses only bare metal servers. It does use “virtual locations,” but these are hosted on servers directly under the control of PureVPN and so do not present a security threat. We are also pleased to note that PureVPN now handles all DNS requests using in-house DNS servers for maximum privacy.
Not so good is that the PureVPN website uses a variety of privacy-invading trackers, including Google analytics.
All PureVPN apps offer OpenVPN over TCP, which we assume uses port 443. This can be effective at defeating VPN blocks but is easy to defeat using more sophisticated censorship measures. PureVPN does not offer any additional VPN obfuscation technologies.
The connection logs kept by PureVPN prevent us from ever recommending the service to those who require a VPN for privacy. Mac users should also be careful to disable IPv6 on their systems (and probably also WebRTC in their browsers).
For those who want a VPN primarily to access streaming services, however, PureVPN is one of the best choices on the market as it is very effective at unblocking almost everything.