VPN services have the choice between renting or owning the servers in their network. This can have important consequences for privacy, security, and performance.
While investigating VPNs, we found some VPN services are reluctant to disclose when they are using rented servers.

Here are the three main options when it comes to server ownership:
- On-Site Ownership: The VPN purchases, installs, and maintains its servers itself. The servers are owned outright and stored somewhere on company premises, so only trusted employees have physical access to them.
- Colocation Agreement: The VPN owns and operates its servers but stores them off-site, usually in a data center. For a fee, the data center provides storage, air conditioning, and bandwidth. The company’s staff monitor the server remotely and visit the data center to repair hardware when needed.
- Rented Servers: The VPN service rents its servers straight from a data center. This allows it to avoid the expense, time, and expertise required to purchase, install, and maintain a physical server. The data center handles the hardware, and the VPN company is given remote access to handle the software.
Below, we’ll explain the different ownership options available to VPN services, along with their advantages and disadvantages.
On-Site Ownership
Table listing the pros and cons of owning VPN servers.
| Pros |
Cons |
| Complete control over hardware and network |
Huge up-front costs |
| Prevents third parties physically accessing the server |
Weakened connection speeds |
| Prevents third party logging server data |
Smaller server networks |
From a privacy and security perspective, the ideal VPN service owns its entire server network and stores it on-site.
The VPN service knows everything about the hardware, no one outside the company can physically access the servers, and no third party can log server activity.
That last point matters because a zero-logs policy is useless if a data center is collecting logs on the side.
First-party on-site ownership is the only way to guarantee there’s no third-party involvement beyond the company you’ve explicitly chosen to trust.
However, on-site ownership isn’t practical for most VPN services. It’s extremely expensive: VPNs have to fund servers, bandwidth, cooling facilities, back-up hardware, and a team of administrators, with costs multiplying for each new location.
On-site servers can also be slower than rented or colocated alternatives, since they’re often further from internet exchanges.
And strict on-site ownership caps how far a VPN can expand, since the service would need to own land in every country it wants a server in.
Colocation Agreements & Rented Servers
Table listing the pros and cons of colocated and rented servers.
| Pros |
Cons |
| Remote management ensures servers aren’t tampered with |
Third parties might have access to servers |
| Data centers provide faster speeds |
Data center servers might be vulnerable to traffic monitoring |
| Larger server networks |
|
| Faster connection speeds |
|
| Cheaper than on-site ownership |
|
If a VPN service wants the security benefit of owning its VPN servers without the drawbacks of storing them, the best option is a colocation agreement with a trustworthy data center so they can physically inspect and audit server hardware.
Rented VPN servers are installed, monitored, and maintained entirely by data center employees. In theory, this third party has the ability to tamper with the server’s hardware.
In reality, most modern rented and colocated servers are equipped with a Remote System Management Card. Combined with real-time system logging, VPN services can remotely monitor almost everything about a server’s operation, and shut it down if anything looks suspicious.
The bigger privacy issue is the networking environment around the server. Any server in a data center is connected to that data center’s network, and VPN services can never be sure that their server isn’t being monitored upstream.
This is particularly relevant in countries with invasive data privacy laws, where local authorities could monitor traffic or compel the data center to log on their behalf, without the VPN provider’s knowledge.
Both rented and colocated servers benefit from being in a data center, with proximity to internet exchanges and faster speeds.
Rented networks have the added advantage of flexibility: rental agreements scale up or down with demand, so VPN services can quickly offer new locations and IP addresses. Colocation keeps providers tied to the hardware they’ve already bought.
Which VPNs Rent Their Servers?
A majority of VPNs combine both rented and co-located servers in their networks. These include popular names like NordVPN and Proton VPN.
To ensure their rented servers are safe for users, these high-quality services carefully select server providers that respect user privacy and aren’t affiliated with authoritarian governments.

Some VPNs, like Mullvad, clarify whether they own or rent specific VPN servers.
The best VPNs will rigorously vet the data center it is renting servers from. This vetting process will include a full hardware audit and an inspection of the data center’s networking environment in order to understand any potential threats.
We urge any VPN service with rented servers to be more transparent about their data center vetting process, so users can have full confidence that their servers are safe to use.