{"id":6394,"date":"2026-01-03T18:10:20","date_gmt":"2026-01-03T18:10:20","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=6394"},"modified":"2026-01-03T18:10:20","modified_gmt":"2026-01-03T18:10:20","slug":"captive-portal-setup","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=6394","title":{"rendered":"Captive Portal Setup"},"content":{"rendered":"<h2>TL;DR<\/h2>\n<p>This guide shows you how to set up a captive portal \u2013 a webpage users see before getting internet access, often used in public Wi-Fi. <strong>Warning: Using this for malicious purposes is illegal and unethical. This information is for educational security testing only.<\/strong><\/p>\n<h2>Setting Up Your Captive Portal<\/h2>\n<p>Choose a Framework\/Tool: Several options exist, each with different features and complexity.<\/p>\n<p>CoovaChilli: A popular open-source option. Requires more technical knowledge.<br \/>\nnodogsplash: Another open-source choice, simpler than CoovaChilli.<br \/>\nWiFiDog: Commercial solution with a free version for limited use.<\/p>\n<p>    For this guide, we\u2019ll focus on <strong>nodogsplash<\/strong> due to its relative simplicity.\n  <\/p>\n<p>Install nodogsplash: On Debian\/Ubuntu-based systems:<br \/>\nsudo apt update<br \/>\nsudo apt install nodogsplash<\/p>\n<p>Configure the Interface: Edit \/etc\/nodogsplash.conf to specify the network interface your access point uses (e.g., wlan0).<br \/>\ninterface=wlan0<\/p>\n<p>Customize the Portal Page: nodogsplash uses HTML templates in \/usr\/share\/nodogsplash\/htdocs\/.<\/p>\n<p>Edit index.html to change the login form, branding, and terms of service.<br \/>\nYou can add your own CSS for styling.<\/p>\n<p>Authentication Method: Decide how users will authenticate.<\/p>\n<p>MAC Address Authentication: Simplest method; allows access based on device MAC address. Edit \/etc\/nodogsplash.conf and set auth_type=macauth.<br \/>\nWeb Form Authentication: Requires users to enter credentials (email, password). More complex setup involving a database or external authentication server.  Edit \/etc\/nodogsplash.conf and set auth_type=webform.<\/p>\n<p>DHCP Server Configuration: Ensure your DHCP server provides the captive portal\u2019s IP address as the default gateway.<\/p>\n<p>If using hostapd, configure it to forward DHCP requests to dnsmasq or another DHCP server.<br \/>\nThe DHCP server should also provide a DNS server (e.g., 8.8.8.8).<\/p>\n<p>Start nodogsplash:<br \/>\nsudo systemctl start nodogsplash<\/p>\n<p>Enable on Boot:<br \/>\nsudo systemctl enable nodogsplash<\/p>\n<p>Firewall Rules (Important): Configure your firewall to redirect HTTP traffic (port 80) and HTTPS traffic (port 443) to the captive portal.<\/p>\n<p>Using iptables:<br \/>\nsudo iptables -t nat -A PREROUTING -i wlan0 -p tcp &#8211;dport 80 -j REDIRECT &#8211;to-ports 8080<br \/>\nsudo iptables -t nat -A PREROUTING -i wlan0 -p tcp &#8211;dport 443 -j REDIRECT &#8211;to-ports 8080<\/p>\n<p>Testing: Connect to the Wi-Fi network. You should be redirected to your customized captive portal page.<\/p>\n<h2>Security Considerations<\/h2>\n<p>HTTPS: Always use HTTPS for secure communication, especially if collecting user credentials. Configure nodogsplash with a valid SSL certificate.<br \/>\nInput Validation: If using web form authentication, thoroughly validate all user inputs to prevent injection attacks.<br \/>\nData Storage: Securely store any collected data (e.g., MAC addresses, usernames, passwords).<br \/>\nRegular Updates: Keep nodogsplash and your operating system updated with the latest security patches.<\/p>\n<p>The post <a href=\"https:\/\/blog.g5cybersecurity.com\/captive-portal-setup\/\">Captive Portal Setup<\/a> appeared first on <a href=\"https:\/\/blog.g5cybersecurity.com\/\">Blog | G5 Cyber Security<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"<p>TL;DR This guide shows you how to set up a captive portal \u2013 a webpage users see before getting internet access, often used in public Wi-Fi. Warning: Using this for malicious purposes is illegal and unethical. This information is for educational security testing only. Setting Up Your Captive Portal Choose a Framework\/Tool: Several options exist, [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-6394","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/6394"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6394"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/6394\/revisions"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6394"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6394"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6394"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}