Captive portal using Apache












5















I have been trying to build a captive portal in Apache that I plan to be Apple CNA aware.



I found several relevant posts in StackOverflow, including Captive portal popups... and How to create WiFi popup login page.



I defined the relevant Apache configuration as:



RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]

# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html

# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


It is not working quite right, as the CNA browser enters a redirect loop.



I also tried putting all my relevant pages into a /captive directory, and defining the rule



RewriteRule !^captive($|/) http://192.168.2.1/captive/portal.html [L,R=302]


But had similar loop problems. What to do?










share|improve this question

























  • Hello; I am now struggling with a similar problem; I am using create_ap to start network, which in turn deals with hostapd and dnsmasq. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks

    – r0berts
    May 31 '18 at 6:43
















5















I have been trying to build a captive portal in Apache that I plan to be Apple CNA aware.



I found several relevant posts in StackOverflow, including Captive portal popups... and How to create WiFi popup login page.



I defined the relevant Apache configuration as:



RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]

# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html

# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


It is not working quite right, as the CNA browser enters a redirect loop.



I also tried putting all my relevant pages into a /captive directory, and defining the rule



RewriteRule !^captive($|/) http://192.168.2.1/captive/portal.html [L,R=302]


But had similar loop problems. What to do?










share|improve this question

























  • Hello; I am now struggling with a similar problem; I am using create_ap to start network, which in turn deals with hostapd and dnsmasq. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks

    – r0berts
    May 31 '18 at 6:43














5












5








5


2






I have been trying to build a captive portal in Apache that I plan to be Apple CNA aware.



I found several relevant posts in StackOverflow, including Captive portal popups... and How to create WiFi popup login page.



I defined the relevant Apache configuration as:



RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]

# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html

# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


It is not working quite right, as the CNA browser enters a redirect loop.



I also tried putting all my relevant pages into a /captive directory, and defining the rule



RewriteRule !^captive($|/) http://192.168.2.1/captive/portal.html [L,R=302]


But had similar loop problems. What to do?










share|improve this question
















I have been trying to build a captive portal in Apache that I plan to be Apple CNA aware.



I found several relevant posts in StackOverflow, including Captive portal popups... and How to create WiFi popup login page.



I defined the relevant Apache configuration as:



RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]

# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html

# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


It is not working quite right, as the CNA browser enters a redirect loop.



I also tried putting all my relevant pages into a /captive directory, and defining the rule



RewriteRule !^captive($|/) http://192.168.2.1/captive/portal.html [L,R=302]


But had similar loop problems. What to do?







apache-httpd






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Aug 16 '17 at 6:00







Rui F Ribeiro

















asked Aug 15 '17 at 17:28









Rui F RibeiroRui F Ribeiro

40.3k1479136




40.3k1479136













  • Hello; I am now struggling with a similar problem; I am using create_ap to start network, which in turn deals with hostapd and dnsmasq. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks

    – r0berts
    May 31 '18 at 6:43



















  • Hello; I am now struggling with a similar problem; I am using create_ap to start network, which in turn deals with hostapd and dnsmasq. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks

    – r0berts
    May 31 '18 at 6:43

















Hello; I am now struggling with a similar problem; I am using create_ap to start network, which in turn deals with hostapd and dnsmasq. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks

– r0berts
May 31 '18 at 6:43





Hello; I am now struggling with a similar problem; I am using create_ap to start network, which in turn deals with hostapd and dnsmasq. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks

– r0berts
May 31 '18 at 6:43










1 Answer
1






active

oldest

votes


















5














Upon investigating and doing some tests, it is evident the Apple CNA is a web browser of its own; evidently if an exception is not properly made, all subsequent requests will have yet again the same user agent. So it will start the procedure/portal redirection from scratch, thus the redirect loops.



So in the rule for Apple, we won't redirect anymore if the destination host is the captive portal server.



# apple
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteCond %{HTTP_HOST} !^192.168.2.1$
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]

# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html

# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


We also add a generic catch-all rule here, that if none of the previous conditions happen, or we are dealing with a OS which we do not have a rule for, it will redirect to the portal if not already there (e.g. not visiting the captive directory).



RewriteEngine on
RewriteCond %{REQUEST_URI} !^/captive/ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L]


Obviously, I would stress out that with this configuration, all the captive portal specific files have to live below the /captive directory.



See also Captive portal detection, popup implementation?






share|improve this answer





















  • 1





    I'd like to add that it's also useful to redirect any 404 to the captive portal with ErrorDocument 404 /captive/portal.html.

    – Marco Martinelli
    Oct 7 '18 at 15:39











  • @MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.

    – Rui F Ribeiro
    Oct 7 '18 at 15:50











Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f386242%2fcaptive-portal-using-apache%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









5














Upon investigating and doing some tests, it is evident the Apple CNA is a web browser of its own; evidently if an exception is not properly made, all subsequent requests will have yet again the same user agent. So it will start the procedure/portal redirection from scratch, thus the redirect loops.



So in the rule for Apple, we won't redirect anymore if the destination host is the captive portal server.



# apple
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteCond %{HTTP_HOST} !^192.168.2.1$
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]

# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html

# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


We also add a generic catch-all rule here, that if none of the previous conditions happen, or we are dealing with a OS which we do not have a rule for, it will redirect to the portal if not already there (e.g. not visiting the captive directory).



RewriteEngine on
RewriteCond %{REQUEST_URI} !^/captive/ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L]


Obviously, I would stress out that with this configuration, all the captive portal specific files have to live below the /captive directory.



See also Captive portal detection, popup implementation?






share|improve this answer





















  • 1





    I'd like to add that it's also useful to redirect any 404 to the captive portal with ErrorDocument 404 /captive/portal.html.

    – Marco Martinelli
    Oct 7 '18 at 15:39











  • @MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.

    – Rui F Ribeiro
    Oct 7 '18 at 15:50
















5














Upon investigating and doing some tests, it is evident the Apple CNA is a web browser of its own; evidently if an exception is not properly made, all subsequent requests will have yet again the same user agent. So it will start the procedure/portal redirection from scratch, thus the redirect loops.



So in the rule for Apple, we won't redirect anymore if the destination host is the captive portal server.



# apple
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteCond %{HTTP_HOST} !^192.168.2.1$
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]

# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html

# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


We also add a generic catch-all rule here, that if none of the previous conditions happen, or we are dealing with a OS which we do not have a rule for, it will redirect to the portal if not already there (e.g. not visiting the captive directory).



RewriteEngine on
RewriteCond %{REQUEST_URI} !^/captive/ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L]


Obviously, I would stress out that with this configuration, all the captive portal specific files have to live below the /captive directory.



See also Captive portal detection, popup implementation?






share|improve this answer





















  • 1





    I'd like to add that it's also useful to redirect any 404 to the captive portal with ErrorDocument 404 /captive/portal.html.

    – Marco Martinelli
    Oct 7 '18 at 15:39











  • @MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.

    – Rui F Ribeiro
    Oct 7 '18 at 15:50














5












5








5







Upon investigating and doing some tests, it is evident the Apple CNA is a web browser of its own; evidently if an exception is not properly made, all subsequent requests will have yet again the same user agent. So it will start the procedure/portal redirection from scratch, thus the redirect loops.



So in the rule for Apple, we won't redirect anymore if the destination host is the captive portal server.



# apple
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteCond %{HTTP_HOST} !^192.168.2.1$
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]

# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html

# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


We also add a generic catch-all rule here, that if none of the previous conditions happen, or we are dealing with a OS which we do not have a rule for, it will redirect to the portal if not already there (e.g. not visiting the captive directory).



RewriteEngine on
RewriteCond %{REQUEST_URI} !^/captive/ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L]


Obviously, I would stress out that with this configuration, all the captive portal specific files have to live below the /captive directory.



See also Captive portal detection, popup implementation?






share|improve this answer















Upon investigating and doing some tests, it is evident the Apple CNA is a web browser of its own; evidently if an exception is not properly made, all subsequent requests will have yet again the same user agent. So it will start the procedure/portal redirection from scratch, thus the redirect loops.



So in the rule for Apple, we won't redirect anymore if the destination host is the captive portal server.



# apple
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteCond %{HTTP_HOST} !^192.168.2.1$
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]

# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html

# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html


We also add a generic catch-all rule here, that if none of the previous conditions happen, or we are dealing with a OS which we do not have a rule for, it will redirect to the portal if not already there (e.g. not visiting the captive directory).



RewriteEngine on
RewriteCond %{REQUEST_URI} !^/captive/ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L]


Obviously, I would stress out that with this configuration, all the captive portal specific files have to live below the /captive directory.



See also Captive portal detection, popup implementation?







share|improve this answer














share|improve this answer



share|improve this answer








edited Apr 19 '18 at 14:08

























answered Aug 15 '17 at 17:28









Rui F RibeiroRui F Ribeiro

40.3k1479136




40.3k1479136








  • 1





    I'd like to add that it's also useful to redirect any 404 to the captive portal with ErrorDocument 404 /captive/portal.html.

    – Marco Martinelli
    Oct 7 '18 at 15:39











  • @MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.

    – Rui F Ribeiro
    Oct 7 '18 at 15:50














  • 1





    I'd like to add that it's also useful to redirect any 404 to the captive portal with ErrorDocument 404 /captive/portal.html.

    – Marco Martinelli
    Oct 7 '18 at 15:39











  • @MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.

    – Rui F Ribeiro
    Oct 7 '18 at 15:50








1




1





I'd like to add that it's also useful to redirect any 404 to the captive portal with ErrorDocument 404 /captive/portal.html.

– Marco Martinelli
Oct 7 '18 at 15:39





I'd like to add that it's also useful to redirect any 404 to the captive portal with ErrorDocument 404 /captive/portal.html.

– Marco Martinelli
Oct 7 '18 at 15:39













@MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.

– Rui F Ribeiro
Oct 7 '18 at 15:50





@MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.

– Rui F Ribeiro
Oct 7 '18 at 15:50


















draft saved

draft discarded




















































Thanks for contributing an answer to Unix & Linux Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f386242%2fcaptive-portal-using-apache%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

How to make a Squid Proxy server?

Is this a new Fibonacci Identity?

19世紀