Wi-Fi portals use an ugly hack to intercept a connection when the venue wants you to either pay, log in with an account, or accept terms before using a free network. When you select the Wi-Fi network, your Mac or iOS (or other) device receives a legitimate local network address, but the hack—which dates back about two decades now—hijacks DNS (domain name system) queries.
This means that when your device looks up a site to which you’re trying to connect, instead of returning the correct numeric Internet Protocol (IP) address, the portal’s router instead provides a local network address, which is intended to load a web page through which you navigate your admission to the network.
Apple several years ago simplified how portal pages get presented. Previously (and still on some platforms), you’d have to load a web page to see the portal, and deal with it. But Apple realized that it could perform a DNS check on connecting to a network to see if it could resolve one of its own domains. If that failed, it would recognize that the device was connected to a portal, and bring up the quasi-login page you’re familiar with seeing: it looks like a web page, but it’s a modal window that sits on top of the macOS or iOS interface.
IDGApple tests whether it can connect to one of its domains to see whether there’s a portal in place on a Wi-Fi network.
At the top of that window in iOS, the domain name appears, and it will say captive.apple.com briefly before the portal page load completes. I’ve noticed this much more in in iOS 11 than in previous release, so it’s possible Apple introduced a delay or a change so that each domain name appears for long enough to read it? Checking through support forums, I find people asking about the domain name for the last few years, but I never noticed it until this release.
There’s no way to disable Apple’s portal-connection behavior: it’s intended and expected. The only way to avoid seeing it is to never connect to public hotspots that require a portal to log in.
Ask Mac 911
We’ve compiled a list of the questions we get asked most frequently along with answers and links to columns: read our super FAQ to see if your question is covered. If not, we’re always looking for new problems to solve! Email yours to mac911@macworld.com including screen captures as appropriate, and whether you want your full name used. Every question won’t be answered, we don’t reply to email, and we cannot provide direct troubleshooting advice.
Author: Glenn Fleishman, Senior Contributor
Glenn Fleishman’s most recent books include Take Control of iOS and iPadOS Privacy and Security, Take Control of Calendar and Reminders, and Take Control of Securing Your Mac. In his spare time, he writes about printing and type history. He’s a senior contributor to Macworld, where he writes Mac 911.