HTTP Forever

A reliably insecure connection

http://httpforever.com

01 — The idea

Why does this site exist?

This domain started out as my personal captive portal buster, but I wanted to publicise it for anyone to use. If you're on a train, in a hotel or bar, on a flight, or anywhere that makes you log in for WiFi, this site can help you get to the login screen.

02 — The mechanics

How does it work?

When you connect to a WiFi hotspot out and about, you sometimes have to log in or accept terms and conditions. To do that, the captive portal has to intercept one of your requests and inject its own login page.

Modern sites use HTTPS, so that interception triggers a big red security warning in your browser — one you should never click through. Because this page is served over plain HTTP, the portal can intercept it cleanly and show you the login screen instead. Just open a new tab and come here.

03 — Go ahead

Can I use it?

Yes! Anyone is free to use or link to this site. Just make sure you're always on the HTTP version:

http://httpforever.com Click to select, then copy

04 — The author

Who built this?

This site was built by Scott Helme, a security researcher trying to help make the web more secure.