Whether you’re on a company business trip or traveling to another city, it’s likely that you may be using public WiFi. While public WiFi can easily be an efficient and cost-effective method of keeping in touch with friends, family and colleagues, it carries a number of inherent security risks. Information such as your login credentials and personal data can slip into the wrong hands if you’re not careful, but if you follow my easy guide below I’ll show you how to disable WPAD in Windows to safeguard yourself from public WiFi networks.
Web Proxy Auto-Discovery (WPAD) is a protocol that provides the means to automatically discover and configure a web proxy on your computer. It is usually enabled on Windows by default and is supported by other operating systems, but this is not safe at all for a varied number of reasons.
WPAD is not all bad, as it can be of great help when connecting to the network of your school or in the workplace. Besides, there is a need to set up a proxy server for that network. It saves you the trouble of having to do it yourself. Nonetheless, WPAD can cause some problems if you try to connect to a hostile or unknown public Wi-Fi network.
When WPAD is enabled, whatever Wi-Fi network you connect to can immediately configure a web proxy server on Windows. While connected to the Wi-Fi network, the Proxy server will be given automatic access to all of your web browsing traffic, invading your privacy and possibly revealing sensitive information.
A lot of operating systems support WPAD; the issue is that Windows enables it by default and this is a potentially dangerous setting. Therefore, WPAD should not be enabled, unless it is needed.
WPAD is designed so organizations can offer proxy settings to any device that connects to their network. Whatever setting is provided by the proxy auto-configuration (PAC) is used by the device to send all network traffic to the current one via the proxy server.
WPAD, though useful for legitimate and well-meaning organizations, can cause lots of problems on public Wi-Fi networks. It’s not safe for your computer to automatically configure a web proxy server when it connects to a Wi-Fi network in public places like malls, parks, or hotels.
This is why WPAD is disabled by default on some operating systems. iOS, Linux, macOS, Chrome OS all support WPAD but is usually disabled. It has to be enabled if you want your device to automatically discover proxy settings.
Unlike these operating systems, WPAD is enabled on Windows by default. This means that it will automatically set up the proxy server settings of any network that it connects to. HTTPS encryption usually protects your browsing content when on sensitive websites, but if you’re using a proxy server while browsing the internet, it can reveal vital information about whatever website you visit.
The proxy server can give access to a third party to get sensitive login information and credentials even if they are accessing HTTPS pages.
If you are using Windows 8 or 10, just go to your Settings, click on Network and Internet, then select the Proxy option. Turn off the “Automatically detect settings” option to disable WPAD.
WPAD can be disabled on Windows 7 through the Internet Options Window. First, go to Control Panel > Network and Internet > Internet Options. This method can also be used on Windows 8 or 10.
Switch to the “Connection Tab” in the “Internet Properties” window, then click on “LAN Settings”.
Clear the “Automatically detect settings” checkbox in the “LAN Settings” window. Click “OK” twice to save your settings.
In the event that you need to use a proxy, you can do so securely by specifying the exact address to an automatic proxy configuration script which is otherwise known as the .PAC file or enter your proxy server details manually. This way, you won’t rely on WPAD anymore, thus preventing your proxy settings from being stolen on public Wi-Fi.