Can Hotels See What Websites I Visit?
WiFi access is the standard in any hotel you stay in nowadays. We got to the point where we expect to be able to browse the web no matter where we are in the world, so this perk is non-negotiable when traveling for most people.
But since it’s so vital, you can’t help but wonder - what about our privacy? Can hotels see what websites I visit? Or is that information hidden from their network admins?
Well, let’s find out.
Can Hotels See What Websites I Visit?
You’re probably not gonna like the answer, but yes - they most certainly can.
Here’s the thing - when you browse the web using hotel WiFi, you’re using their network. All your connections go through it. So network admins can easily monitor them, and see their destination.
What does that mean?
That they know what IP address you connect to. They also see the DNS resolutions, so they know the exact website domain you access as well. On their end, it looks something like this:
| Source IP | Destination IP (DNS Resolution) | Server Port | Protocol |
| 1.2.3.4 | 185.60.218.35 (facebook.com) | 443 | TCP |
And yes, they know what sites you browse even if they use HTTPS encryption. Sure, they won’t know what data you send to or receive from them. But they’ll still know what domains you access, and - sometimes - might even be able to tell what specific web pages you visit.
So Do Hotels Monitor WiFi 24/7? Should You Be Worried?
They probably don’t do that - unless management specifically asked the IT staff to track WiFi traffic. If you’re not some high profile target, you probably don’t have much to worry about.
But that doesn’t mean you should take it lightly. Even if the hotel’s staff doesn’t keep a close eye on all connections, the hotel’s servers still keep logs that contain a lot of personal data.
For example, they track things like your transactions and browsing habits alongside your name or the ID the server assigned to you + your room number.
Not only is that a huge breach of privacy, but consider the following - what happens if that information gets stolen in a data breach? Who knows how long the hotel stores it for, and anything can go wrong since hackers love targeting the hospitality industry.
Here’s just one example out of many - around 142 million MGM hotel guests had their data stolen and posted for sale on the dark web following a huge data breach.
How to Hide Your Web Browsing on Hotel WiFi
The simplest and quickest thing you can do is use mobile data instead of the hotel’s WiFi. You’ll use your mobile provider’s network to browse the web instead. If you need web access on your laptop or PC, you can always use your smartphone to create a hotspot, and connect the device to it.
Of course, that implies having an unlimited or very generous data plan. Also, you’ll basically be trading one form of tracking for another. Sure, the hotel’s IT staff won’t be able to monitor your web traffic anymore. But your mobile provider’s network admins will do it instead since you’ll use their network.
A much better and more efficient way of protecting your privacy on hotel WiFi is using a VPN like SmartyDNS. If you’re not familiar with these services, they’re basically online tools that hide your IP address and encrypt your Internet traffic.
Here’s how VPNs help:
- They hide the destination of your connection. Network admins can’t see what sites you connect to anymore. Instead of seeing a website’s IP address alongside a DNS resolution, they’ll just see a VPN server’s IP address.
- They encrypt your data packets, so admins can’t analyze them anymore to see what specific web pages you’re browsing. Similarly, they won’t see what domains you send connection requests to.
To follow up on the example we gave above about how web connections look like on the admins’ end, here’s how they’d look like with a VPN:
| Source IP | Destination IP (DNS Resolution) | Server Port | Protocol |
| 1.2.3.4 | 2.3.4.5 | 443 | TCP |
As you can see, there’s no way for them to know what sites you’re visiting.
Looking for a reliable VPN service?
Here at SmartyDNS we offer high-speed VPN servers with military grade 256-bit AES encryption and highly secure VPN protocols (OpenVPN, SoftEther and IKEv2), and we we adhere to a strict no-log policy.
Our VPN servers act as proxy servers and we also offer Smart DNS service that allows you to unblock 300+ geo-restricted websites around the world.
We offer convenient VPN apps for Windows, Mac, iPhone / iPad, Android and Fire TV / Stick, and extensions for Chrome and Firefox browsers.
Special offer! Get SmartyDNS for $ 3.7 per month!
Yes, and we’ll also get your 30-day money-back guarantee.
Can Hotels Block Websites?
Yes. Since they can see what sites you browse, they can easily use firewalls to block your connections to them.
Basically, the network admins set up traffic control rules that say “no, your IP address can’t connect to facebook.com or accept traffic from it.”
Why would they do that?
Who knows - maybe the law forces the hotel to block specific sites (like pornographic or gambling websites). Or maybe the hotel blocks streaming sites to force you to use pay-per-view instead.
The reason doesn’t matter, really. What does matter is how you can bypass that issue. Luckily, the solution is simple - just use a VPN. It routes your connections through a VPN server, so you communicate with the web through a different IP address. Because of that, the firewall can’t regulate your traffic anymore.
Can Hotels Throttle Connections?
Yes - as long as your connections go through their network, their admins can analyze your data packets to see what sites or web apps you’re using. With that information, they can selectively throttle your bandwidth to lower your speeds.
So, for example, that would mean that you might get very low speeds while using Netflix, but decent speeds when doing something else online.
Now, this doesn’t normally happen since hotels can get huge fines for doing stuff like that. But if you want to be proactive and avoid bandwidth throttling from the get-go, use a VPN. It will encrypt your data, so network admins won’t be able to find out what specific online services you’re using.
Is It Safe to Use Hotel WiFi?
Is hotel WiFi safe in general, or are you at risk whenever you use it?
Well, it’s not exactly a doomsday scenario. So you’re likely not at risk of having your data stolen by cybercriminals every time you do a quick Google search using hotel WiFi.
Plus, pretty much all hotels now use encrypted connections. Guests don’t get open access to the network nowadays, they normally have to sign in with a password.
Despite that, we don’t really consider hotel WiFi security completely safe. Whenever we travel, we always add an extra layer of security by using a VPN and antivirus protection.
Why?
Well, here are some pretty good reasons:
- While hotel WiFi is usually encrypted, that doesn’t mean it’s 100% reliable. The network very likely uses WPA2 encryption, which unfortunately has a serious security vulnerability.
- Hotels focus on hospitality, not network security. Sadly, there’s a pretty good chance that the person who set up the network didn’t enable all security features or apply the latest firmware updates and patches.
- Hackers can sometimes compromise hotel WiFi, and use it to spread malware.
- Cybercriminals can set up fake hotspots that imitate hotel WiFi networks. If you accidentally connect to them, the hackers running them could log your traffic.
That’s why we really recommend using a VPN and antivirus software when using WiFi networks. The VPN encrypts your data to prevent any surveillance (even on fake networks), and antivirus programs protect your device from malware infections.
Is It Safe to Use Hotel WiFi for Banking?
We personally don’t recommend doing that. We already told you about some potential security vulnerabilities that await you if you use hotel WiFi. You’re much better off using mobile data to do that instead.
If you really must use hotel WiFi, always run a VPN connection to encrypt all your traffic. Also, use antivirus protection to stop malware infections from putting your financial data at risk.
Can Hotels Block VPNs?
They can do that, and we have seen people on Reddit (especially business travelers) complain about this problem.
It mostly seems that network admins block IPSec ports. So if you use VPN protocols that rely on them (IKEv2, IPSec, and L2TP/IPSec), your connection will be blocked.
Luckily, the solution is really simple - just use OpenVPN over TCP port 443. The hotel can’t block that port since it’s the HTTPS port. If they were to do that, they’d basically block HTTPS connections for everyone on their premises.
Besides that, some hotel managers have said that you won’t be able to run a VPN connection until you go through the captive portal. That’s the web page where you have to type in your ID and password to log into the hotel network. Until you authenticate, the captive portal will block all access and ports.
Finally, hotels could block VPNs in two more ways:
- They use firewalls to block the VPN server’s IP address. That way, you can’t connect to it anymore.
- They use DPI to detect OpenVPN traffic and block it.
However, those last two scenarios are pretty extreme, and you’re not likely to experience them unless you visit a country where VPNs are illegal.
Can’t I Just Use Incognito/Private Mode on Hotel WiFi?
No, that’s not enough. The fact that incognito or private mode can hide your traffic is actually a common misconception we hear very often.
Here’s the problem - incognito/private mode in browsers isn’t configured to hide your web traffic. It doesn’t offer any encryption. All it can do is hide your web browsing from people you share your device with. That, and delete some cookies when you close a tab or the browser.
So the hotel’s network admin can still see what sites you’re visiting. To prevent that, you need to use a VPN to fully encrypt your data. That’s the only way to prevent any form of traffic surveillance.
Can Hotels See What Websites I Visit? The Bottom Line
Tl;dr - yes, they can. So what do you do to prevent that?
Do you also use VPNs, or do you rely on other methods? If you do, please tell us about them in the comments, and please mention why you prefer them over VPNs.
And if you don’t bother hiding your online traffic, could you please elaborate? We’d like to hear your reasoning.
