Captive portal using Apache
I have been trying to build a captive portal in Apache that I plan to be Apple CNA aware.
I found several relevant posts in StackOverflow, including Captive portal popups... and How to create WiFi popup login page.
I defined the relevant Apache configuration as:
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]
# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html
# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html
It is not working quite right, as the CNA browser enters a redirect loop.
I also tried putting all my relevant pages into a /captive directory, and defining the rule
RewriteRule !^captive($|/) http://192.168.2.1/captive/portal.html [L,R=302]
But had similar loop problems. What to do?
apache-httpd
add a comment |
I have been trying to build a captive portal in Apache that I plan to be Apple CNA aware.
I found several relevant posts in StackOverflow, including Captive portal popups... and How to create WiFi popup login page.
I defined the relevant Apache configuration as:
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]
# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html
# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html
It is not working quite right, as the CNA browser enters a redirect loop.
I also tried putting all my relevant pages into a /captive directory, and defining the rule
RewriteRule !^captive($|/) http://192.168.2.1/captive/portal.html [L,R=302]
But had similar loop problems. What to do?
apache-httpd
Hello; I am now struggling with a similar problem; I am usingcreate_ap
to start network, which in turn deals withhostapd
anddnsmasq
. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks
– r0berts
May 31 '18 at 6:43
add a comment |
I have been trying to build a captive portal in Apache that I plan to be Apple CNA aware.
I found several relevant posts in StackOverflow, including Captive portal popups... and How to create WiFi popup login page.
I defined the relevant Apache configuration as:
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]
# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html
# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html
It is not working quite right, as the CNA browser enters a redirect loop.
I also tried putting all my relevant pages into a /captive directory, and defining the rule
RewriteRule !^captive($|/) http://192.168.2.1/captive/portal.html [L,R=302]
But had similar loop problems. What to do?
apache-httpd
I have been trying to build a captive portal in Apache that I plan to be Apple CNA aware.
I found several relevant posts in StackOverflow, including Captive portal popups... and How to create WiFi popup login page.
I defined the relevant Apache configuration as:
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]
# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html
# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html
It is not working quite right, as the CNA browser enters a redirect loop.
I also tried putting all my relevant pages into a /captive directory, and defining the rule
RewriteRule !^captive($|/) http://192.168.2.1/captive/portal.html [L,R=302]
But had similar loop problems. What to do?
apache-httpd
apache-httpd
edited Aug 16 '17 at 6:00
Rui F Ribeiro
asked Aug 15 '17 at 17:28
Rui F RibeiroRui F Ribeiro
40.3k1479136
40.3k1479136
Hello; I am now struggling with a similar problem; I am usingcreate_ap
to start network, which in turn deals withhostapd
anddnsmasq
. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks
– r0berts
May 31 '18 at 6:43
add a comment |
Hello; I am now struggling with a similar problem; I am usingcreate_ap
to start network, which in turn deals withhostapd
anddnsmasq
. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks
– r0berts
May 31 '18 at 6:43
Hello; I am now struggling with a similar problem; I am using
create_ap
to start network, which in turn deals with hostapd
and dnsmasq
. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks– r0berts
May 31 '18 at 6:43
Hello; I am now struggling with a similar problem; I am using
create_ap
to start network, which in turn deals with hostapd
and dnsmasq
. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks– r0berts
May 31 '18 at 6:43
add a comment |
1 Answer
1
active
oldest
votes
Upon investigating and doing some tests, it is evident the Apple CNA is a web browser of its own; evidently if an exception is not properly made, all subsequent requests will have yet again the same user agent. So it will start the procedure/portal redirection from scratch, thus the redirect loops.
So in the rule for Apple, we won't redirect anymore if the destination host is the captive portal server.
# apple
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteCond %{HTTP_HOST} !^192.168.2.1$
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]
# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html
# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html
We also add a generic catch-all rule here, that if none of the previous conditions happen, or we are dealing with a OS which we do not have a rule for, it will redirect to the portal if not already there (e.g. not visiting the captive directory).
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/captive/ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L]
Obviously, I would stress out that with this configuration, all the captive portal specific files have to live below the /captive directory.
See also Captive portal detection, popup implementation?
1
I'd like to add that it's also useful to redirect any 404 to the captive portal withErrorDocument 404 /captive/portal.html
.
– Marco Martinelli
Oct 7 '18 at 15:39
@MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.
– Rui F Ribeiro
Oct 7 '18 at 15:50
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f386242%2fcaptive-portal-using-apache%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Upon investigating and doing some tests, it is evident the Apple CNA is a web browser of its own; evidently if an exception is not properly made, all subsequent requests will have yet again the same user agent. So it will start the procedure/portal redirection from scratch, thus the redirect loops.
So in the rule for Apple, we won't redirect anymore if the destination host is the captive portal server.
# apple
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteCond %{HTTP_HOST} !^192.168.2.1$
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]
# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html
# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html
We also add a generic catch-all rule here, that if none of the previous conditions happen, or we are dealing with a OS which we do not have a rule for, it will redirect to the portal if not already there (e.g. not visiting the captive directory).
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/captive/ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L]
Obviously, I would stress out that with this configuration, all the captive portal specific files have to live below the /captive directory.
See also Captive portal detection, popup implementation?
1
I'd like to add that it's also useful to redirect any 404 to the captive portal withErrorDocument 404 /captive/portal.html
.
– Marco Martinelli
Oct 7 '18 at 15:39
@MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.
– Rui F Ribeiro
Oct 7 '18 at 15:50
add a comment |
Upon investigating and doing some tests, it is evident the Apple CNA is a web browser of its own; evidently if an exception is not properly made, all subsequent requests will have yet again the same user agent. So it will start the procedure/portal redirection from scratch, thus the redirect loops.
So in the rule for Apple, we won't redirect anymore if the destination host is the captive portal server.
# apple
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteCond %{HTTP_HOST} !^192.168.2.1$
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]
# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html
# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html
We also add a generic catch-all rule here, that if none of the previous conditions happen, or we are dealing with a OS which we do not have a rule for, it will redirect to the portal if not already there (e.g. not visiting the captive directory).
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/captive/ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L]
Obviously, I would stress out that with this configuration, all the captive portal specific files have to live below the /captive directory.
See also Captive portal detection, popup implementation?
1
I'd like to add that it's also useful to redirect any 404 to the captive portal withErrorDocument 404 /captive/portal.html
.
– Marco Martinelli
Oct 7 '18 at 15:39
@MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.
– Rui F Ribeiro
Oct 7 '18 at 15:50
add a comment |
Upon investigating and doing some tests, it is evident the Apple CNA is a web browser of its own; evidently if an exception is not properly made, all subsequent requests will have yet again the same user agent. So it will start the procedure/portal redirection from scratch, thus the redirect loops.
So in the rule for Apple, we won't redirect anymore if the destination host is the captive portal server.
# apple
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteCond %{HTTP_HOST} !^192.168.2.1$
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]
# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html
# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html
We also add a generic catch-all rule here, that if none of the previous conditions happen, or we are dealing with a OS which we do not have a rule for, it will redirect to the portal if not already there (e.g. not visiting the captive directory).
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/captive/ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L]
Obviously, I would stress out that with this configuration, all the captive portal specific files have to live below the /captive directory.
See also Captive portal detection, popup implementation?
Upon investigating and doing some tests, it is evident the Apple CNA is a web browser of its own; evidently if an exception is not properly made, all subsequent requests will have yet again the same user agent. So it will start the procedure/portal redirection from scratch, thus the redirect loops.
So in the rule for Apple, we won't redirect anymore if the destination host is the captive portal server.
# apple
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteCond %{HTTP_HOST} !^192.168.2.1$
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L,R=302]
# android
RedirectMatch 302 /generate_204 http://192.168.2.1/captive/portal.html
# windows
RedirectMatch 302 /ncsi.txt http://192.168.2.1/captive/portal.html
We also add a generic catch-all rule here, that if none of the previous conditions happen, or we are dealing with a OS which we do not have a rule for, it will redirect to the portal if not already there (e.g. not visiting the captive directory).
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/captive/ [NC]
RewriteRule ^(.*)$ http://192.168.2.1/captive/portal.html [L]
Obviously, I would stress out that with this configuration, all the captive portal specific files have to live below the /captive directory.
See also Captive portal detection, popup implementation?
edited Apr 19 '18 at 14:08
answered Aug 15 '17 at 17:28
Rui F RibeiroRui F Ribeiro
40.3k1479136
40.3k1479136
1
I'd like to add that it's also useful to redirect any 404 to the captive portal withErrorDocument 404 /captive/portal.html
.
– Marco Martinelli
Oct 7 '18 at 15:39
@MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.
– Rui F Ribeiro
Oct 7 '18 at 15:50
add a comment |
1
I'd like to add that it's also useful to redirect any 404 to the captive portal withErrorDocument 404 /captive/portal.html
.
– Marco Martinelli
Oct 7 '18 at 15:39
@MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.
– Rui F Ribeiro
Oct 7 '18 at 15:50
1
1
I'd like to add that it's also useful to redirect any 404 to the captive portal with
ErrorDocument 404 /captive/portal.html
.– Marco Martinelli
Oct 7 '18 at 15:39
I'd like to add that it's also useful to redirect any 404 to the captive portal with
ErrorDocument 404 /captive/portal.html
.– Marco Martinelli
Oct 7 '18 at 15:39
@MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.
– Rui F Ribeiro
Oct 7 '18 at 15:50
@MarcoMartinelli Thanks for the comment! We encounter a few tibdbits about the theme here and there, hence also having published those questions in the past.
– Rui F Ribeiro
Oct 7 '18 at 15:50
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f386242%2fcaptive-portal-using-apache%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Hello; I am now struggling with a similar problem; I am using
create_ap
to start network, which in turn deals withhostapd
anddnsmasq
. I wonder what the simplest solution would be for my use case unix.stackexchange.com/questions/446114/… - it would be great to hear what you say. I thought what is left for me is to tweak iptables and apache. Thanks– r0berts
May 31 '18 at 6:43