Captive portal using Apache












5















I have been trying to build a captive portal in Apache that I plan to be Apple CNA aware.



I found several relevant posts in StackOverflow, including Captive portal popups... and How to create WiFi popup login page.



I defined the relevant Apache configuration as:



RewriteEngine on

RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]

RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]



# android

RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html



# windows

RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


It is not working quite right, as the CNA browser enters a redirect loop.



I also tried putting all my relevant pages into a /captive directory, and defining the rule 



RewriteRule !^captive($|/) http://192.168.2.1/captive/portal.html [L,R=302]


But had similar loop problems. What to do?






apache-httpd







share|improve this question

























  • Hello; I am now struggling with a similar problem; I am using create_ap to start network, which in turn deals with hostapd and dnsmasq. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks

    – r0berts
    May 31 '18 at 6:43
















5















I have been trying to build a captive portal in Apache that I plan to be Apple CNA aware.



I found several relevant posts in StackOverflow, including Captive portal popups... and How to create WiFi popup login page.



I defined the relevant Apache configuration as:



RewriteEngine on

RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]

RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]



# android

RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html



# windows

RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


It is not working quite right, as the CNA browser enters a redirect loop.



I also tried putting all my relevant pages into a /captive directory, and defining the rule 



RewriteRule !^captive($|/) http://192.168.2.1/captive/portal.html [L,R=302]


But had similar loop problems. What to do?






apache-httpd







share|improve this question

























  • Hello; I am now struggling with a similar problem; I am using create_ap to start network, which in turn deals with hostapd and dnsmasq. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks

    – r0berts
    May 31 '18 at 6:43














5












5








5


2






I have been trying to build a captive portal in Apache that I plan to be Apple CNA aware.



I found several relevant posts in StackOverflow, including Captive portal popups... and How to create WiFi popup login page.



I defined the relevant Apache configuration as:



RewriteEngine on

RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]

RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]



# android

RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html



# windows

RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


It is not working quite right, as the CNA browser enters a redirect loop.



I also tried putting all my relevant pages into a /captive directory, and defining the rule 



RewriteRule !^captive($|/) http://192.168.2.1/captive/portal.html [L,R=302]


But had similar loop problems. What to do?






apache-httpd







share|improve this question
















I have been trying to build a captive portal in Apache that I plan to be Apple CNA aware.



I found several relevant posts in StackOverflow, including Captive portal popups... and How to create WiFi popup login page.



I defined the relevant Apache configuration as:



RewriteEngine on

RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]

RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]



# android

RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html



# windows

RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


It is not working quite right, as the CNA browser enters a redirect loop.



I also tried putting all my relevant pages into a /captive directory, and defining the rule 



RewriteRule !^captive($|/) http://192.168.2.1/captive/portal.html [L,R=302]


But had similar loop problems. What to do?






apache-httpd




apache-httpd






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Aug 16 '17 at 6:00







Rui F Ribeiro

















asked Aug 15 '17 at 17:28









Rui F RibeiroRui F Ribeiro

40.3k1479136




40.3k1479136













  • Hello; I am now struggling with a similar problem; I am using create_ap to start network, which in turn deals with hostapd and dnsmasq. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks

    – r0berts
    May 31 '18 at 6:43



















  • Hello; I am now struggling with a similar problem; I am using create_ap to start network, which in turn deals with hostapd and dnsmasq. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks

    – r0berts
    May 31 '18 at 6:43

















Hello; I am now struggling with a similar problem; I am using create_ap to start network, which in turn deals with hostapd and dnsmasq. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks

– r0berts
May 31 '18 at 6:43





Hello; I am now struggling with a similar problem; I am using create_ap to start network, which in turn deals with hostapd and dnsmasq. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks

– r0berts
May 31 '18 at 6:43










1 Answer
1






active

oldest

votes


















5














Upon investigating and doing some tests, it is evident the Apple CNA is a web browser of its own; evidently if an exception is not properly made, all subsequent requests will have yet again the same user agent. So it will start the procedure/portal redirection from scratch, thus the redirect loops.



So in the rule for Apple, we won't redirect anymore if the destination host is the captive portal server. 



# apple

RewriteEngine on

RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]

RewriteCond %{HTTP_HOST} !^192.168.2.1$

RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]



# android

RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html



# windows

RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


We also add a generic catch-all rule here, that if none of the previous conditions happen, or we are dealing with a OS which we do not have a rule for, it will redirect to the portal if not already there (e.g. not visiting the captive directory).



RewriteEngine on

RewriteCond %{REQUEST_URI} !^/captive/ [NC]

RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L]


Obviously, I would stress out that with this configuration, all the captive portal specific files have to live below the /captive directory.



See also Captive portal detection, popup implementation?






share|improve this answer





















  • 1





    I'd like to add that it's also useful to redirect any 404 to the captive portal with ErrorDocument 404 /captive/portal.html.

    – Marco Martinelli
    Oct 7 '18 at 15:39











  • @MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.

    – Rui F Ribeiro
    Oct 7 '18 at 15:50











Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f386242%2fcaptive-portal-using-apache%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









5














Upon investigating and doing some tests, it is evident the Apple CNA is a web browser of its own; evidently if an exception is not properly made, all subsequent requests will have yet again the same user agent. So it will start the procedure/portal redirection from scratch, thus the redirect loops.



So in the rule for Apple, we won't redirect anymore if the destination host is the captive portal server. 



# apple

RewriteEngine on

RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]

RewriteCond %{HTTP_HOST} !^192.168.2.1$

RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]



# android

RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html



# windows

RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


We also add a generic catch-all rule here, that if none of the previous conditions happen, or we are dealing with a OS which we do not have a rule for, it will redirect to the portal if not already there (e.g. not visiting the captive directory).



RewriteEngine on

RewriteCond %{REQUEST_URI} !^/captive/ [NC]

RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L]


Obviously, I would stress out that with this configuration, all the captive portal specific files have to live below the /captive directory.



See also Captive portal detection, popup implementation?






share|improve this answer





















  • 1





    I'd like to add that it's also useful to redirect any 404 to the captive portal with ErrorDocument 404 /captive/portal.html.

    – Marco Martinelli
    Oct 7 '18 at 15:39











  • @MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.

    – Rui F Ribeiro
    Oct 7 '18 at 15:50
















5














Upon investigating and doing some tests, it is evident the Apple CNA is a web browser of its own; evidently if an exception is not properly made, all subsequent requests will have yet again the same user agent. So it will start the procedure/portal redirection from scratch, thus the redirect loops.



So in the rule for Apple, we won't redirect anymore if the destination host is the captive portal server. 



# apple

RewriteEngine on

RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]

RewriteCond %{HTTP_HOST} !^192.168.2.1$

RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]



# android

RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html



# windows

RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


We also add a generic catch-all rule here, that if none of the previous conditions happen, or we are dealing with a OS which we do not have a rule for, it will redirect to the portal if not already there (e.g. not visiting the captive directory).



RewriteEngine on

RewriteCond %{REQUEST_URI} !^/captive/ [NC]

RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L]


Obviously, I would stress out that with this configuration, all the captive portal specific files have to live below the /captive directory.



See also Captive portal detection, popup implementation?






share|improve this answer





















  • 1





    I'd like to add that it's also useful to redirect any 404 to the captive portal with ErrorDocument 404 /captive/portal.html.

    – Marco Martinelli
    Oct 7 '18 at 15:39











  • @MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.

    – Rui F Ribeiro
    Oct 7 '18 at 15:50














5












5








5







Upon investigating and doing some tests, it is evident the Apple CNA is a web browser of its own; evidently if an exception is not properly made, all subsequent requests will have yet again the same user agent. So it will start the procedure/portal redirection from scratch, thus the redirect loops.



So in the rule for Apple, we won't redirect anymore if the destination host is the captive portal server. 



# apple

RewriteEngine on

RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]

RewriteCond %{HTTP_HOST} !^192.168.2.1$

RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]



# android

RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html



# windows

RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


We also add a generic catch-all rule here, that if none of the previous conditions happen, or we are dealing with a OS which we do not have a rule for, it will redirect to the portal if not already there (e.g. not visiting the captive directory).



RewriteEngine on

RewriteCond %{REQUEST_URI} !^/captive/ [NC]

RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L]


Obviously, I would stress out that with this configuration, all the captive portal specific files have to live below the /captive directory.



See also Captive portal detection, popup implementation?






share|improve this answer















Upon investigating and doing some tests, it is evident the Apple CNA is a web browser of its own; evidently if an exception is not properly made, all subsequent requests will have yet again the same user agent. So it will start the procedure/portal redirection from scratch, thus the redirect loops.



So in the rule for Apple, we won't redirect anymore if the destination host is the captive portal server. 



# apple

RewriteEngine on

RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]

RewriteCond %{HTTP_HOST} !^192.168.2.1$

RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]



# android

RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html



# windows

RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


We also add a generic catch-all rule here, that if none of the previous conditions happen, or we are dealing with a OS which we do not have a rule for, it will redirect to the portal if not already there (e.g. not visiting the captive directory).



RewriteEngine on

RewriteCond %{REQUEST_URI} !^/captive/ [NC]

RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L]


Obviously, I would stress out that with this configuration, all the captive portal specific files have to live below the /captive directory.



See also Captive portal detection, popup implementation?







share|improve this answer














share|improve this answer



share|improve this answer








edited Apr 19 '18 at 14:08

























answered Aug 15 '17 at 17:28









Rui F RibeiroRui F Ribeiro

40.3k1479136




40.3k1479136








  • 1





    I'd like to add that it's also useful to redirect any 404 to the captive portal with ErrorDocument 404 /captive/portal.html.

    – Marco Martinelli
    Oct 7 '18 at 15:39











  • @MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.

    – Rui F Ribeiro
    Oct 7 '18 at 15:50














  • 1





    I'd like to add that it's also useful to redirect any 404 to the captive portal with ErrorDocument 404 /captive/portal.html.

    – Marco Martinelli
    Oct 7 '18 at 15:39











  • @MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.

    – Rui F Ribeiro
    Oct 7 '18 at 15:50








1




1





I'd like to add that it's also useful to redirect any 404 to the captive portal with ErrorDocument 404 /captive/portal.html.

– Marco Martinelli
Oct 7 '18 at 15:39





I'd like to add that it's also useful to redirect any 404 to the captive portal with ErrorDocument 404 /captive/portal.html.

– Marco Martinelli
Oct 7 '18 at 15:39













@MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.

– Rui F Ribeiro
Oct 7 '18 at 15:50





@MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.

– Rui F Ribeiro
Oct 7 '18 at 15:50


















draft saved

draft discarded




















































Thanks for contributing an answer to Unix & Linux Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f386242%2fcaptive-portal-using-apache%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

How to reconfigure Docker Trusted Registry 2.x.x to use CEPH FS mount instead of NFS and other traditional...

Image
0 I am having trouble trying to reconfigure my DTR container to try and use a CEPH FS mount we created to act as a storage backend for our image repository. The Docs are very vague on this and nothing exactly explains on how to do it. Has anyone yet connected the dots? linux filesystems mount storage docker share | improve this question asked Feb 1 at 6:40 jRapp3r jRapp3r 1 1 add a comment  | 
Read more

is 'sed' thread safe

Image
2 If I have a shell/python script that uses sed to modify a file in place based on user inputs, and then two users run the same script at the same time or approx. same time, is 'sed' thread safe ? Or perhaps it is not an issue because the file_descripor that was opened by the first thread will be used to lock the file anyway ? thx linux sed python share | improve this question edited 7 hours ago Jeff Schaller 42.9k 11 59 137 asked 7 hours ago terreys terreys
Read more

How to make a Squid Proxy server?

Image
1 I want to set up squid proxy server for monitoring user activity in a network and Internet Web URL filtering for user. I also want to configure the user login, user log, user access group, and block unwanted web sites in my network. Please help me and guide me the full process to do this. server proxy squid share | improve this question edited Jul 31 '12 at 14:45 Jorge Castro 37.1k 107 422 617 asked Jul 31 '12 at 5:16 Goivind Tiwari Goivind Tiwari
Read more