Any way to make all hotspot pages SSL.

spire2z · March 31, 2010, 4:56pm

In testing only the login screen loads up with SSL, status page etc don’t by default. Is there a way to force all hotspot pages to SSL?

fewi · March 31, 2010, 5:00pm

Yes, but it’s up to you to edit everything so that the links point to the right protocol in the URI.

spire2z · March 31, 2010, 5:14pm

but just say someone just types into the browser address bar when they are logged in:

hotspot.myhost.com

Without any protocol info entered by default the page loads non ssl. I didn’t know about anything in the html that controls that, surely it’s the web server that does that? Or maybe you can enlighten me?

Thanks in advance..

fewi · March 31, 2010, 5:21pm

I see what you mean now. No, you cannot do that. The built in webserver/servlets don’t support rewrites like that.

You can kind of fudge things out, though. From the manual:

request for “/” on the HotSpot host

if user is logged in, rstatus.html is displayed; if rstatus.html is not found, redirect.html is used to redirect to the status page

So you can replace the content of rstatus.html with a meta redirect to https://hotspot.myhotspot.com/real_status.html, and add a file real_status.html to the Hotspot directory. That way, whether the request comes in via HTTPS or HTTP, the user will be redirected to an HTTPS page.

If someone goes to http://hotspot.myhotspot.com/real_status.html that will still load non-SSL, though.

spire2z · March 31, 2010, 10:57pm

That’s great, thanks. I guess I should have read the manual properly :-0 But you saved me having to do that, and for that I send my thanks

dssmiktik · April 1, 2010, 5:16am

Set this between the tags of any page you want HTTPS only:

Ex. status.html

$(if server-address == '<router ip>:80')
<meta http-equiv="refresh" content="0; url=https://<router ip>/status">
$(endif)

In my case, my router’s IP is 192.168.101.1 To redirect any http request to https for the status page, here is my status.html:

<html>
<head>
$(if server-address == '192.168.101.1:80')
<meta http-equiv="refresh" content="0; url=https://192.168.101.1/status">
$(endif)
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="expires" content="-1">
</head>

<body>
You should now be viewing this STATUS page on an HTTPS connection.
</body>
</html>

fewi · April 1, 2010, 4:54pm

Nice.
Remember to pass on any GET or POST parameters if you replace pages that require them.

spire2z · April 2, 2010, 1:31am

Yeah good one. that is better.

tombee79 · September 7, 2010, 4:56am

You can not edit user manager html pages. So you can not use the SSL html code you proposed.

But the hot spot redirect option look ok. Must check that out.

thx

tombee79 · September 14, 2010, 3:32am

Is there any Firewall MT pro?

Can i do the trick with firewall filter ? Is it possible to check for domain name request and if that the request occurred trigger the address re-write to https?

or something like that, i am not good with firewall in MT.

Any advise?

thx

dssmiktik · September 14, 2010, 3:59am

Here is some documentation describing more on customizing hotspot servlet pages (also applies to v4.x):
Customizing HotSpot: HTTP Servlet Pages

Hope this helps.

tombee79 · September 14, 2010, 4:40am

no thats not it.

I guess it problem got to do with http server that serves pages of itself and only him can check if the page should be server or its url re-writed or change protocal to https. But we dont’ have control over http serve in MT rb.

At least for now.

thx btw