LowEndBox - Cheap VPS, Hosting and Dedicated Server Deals

One of the Most Useful Sites in the World is Also One of the Simplest: neverssl.com

NeverSSLStop me if you’ve heard this one before.

You stop at a cafe or check into a hotel.  You go to connect to the wifi, and it connects fine but you can’t go anywhere.  Everything says no internet.

You realize that the “accept our terms to access the internet” interstitial never appeared when you connected.  You go to google.com, lowendbox.com, etc. and it still doesn’t appear.

You try turning your wifi on and off but the problem persists.

The problem in years past was that you were trying to connect to https instead of http.  Because of that, the “accept our terms” popup never fired.  I remember running into that problem in the early 2000s.  Now it’s 2024 and by now, surely…

Nope.  Just ran into it at McDonald’s this morning.  Tried to connect, nothing worked.

Now, I think if I’d fussed with it for long enough it would eventually have worked – that’s usually my experience – but instead I took a shortcut.

I went to neverssl.com

neverssl.com is an http site that promises never to deploy https specifically so you can connect to these goofy outdated Wifi setups.  as they say:

This website is for when you try to open Facebook, Google, Amazon, etc on a wifi network, and nothing happens. Type “http://neverssl.com” into your browser’s url bar, and you’ll be able to log on.

And yes, it works.

The Old Trick

There’s a harder way of forcing a wifi router to give you its terms page.

If you’re savvy, you look up what the router’s IP address is and you put that in your browser’s location bar, and that usually does the trick.

But that’s tedious and manual…neverssl.com is quick and easy.

neverssl.com will never use SSL (also known as TLS). No encryption, no strong authentication, no HSTS, no HTTP/2.0, just plain old unencrypted HTTP and forever stuck in the dark ages of internet security.

Normally, that’s a bad idea. You should always use SSL and secure encryption when possible. In fact, it’s such a bad idea that most websites are now using https by default.

And that’s great, but it also means that if you’re relying on poorly-behaved wifi networks, it can be hard to get online. Secure browsers and websites using https make it impossible for those wifi networks to send you to a login or payment page. Basically, those networks can’t tap into your connection just like attackers can’t. Modern browsers are so good that they can remember when a website supports encryption and even if you type in the website name, they’ll use https.

The Web Site You Never See

Of course, what happens is that you put that in the browser, you’re redirected to “accept our terms”, and then when you click “accept” you’re usually taken to a “congrats, you’re connected!” page with an ad for whatever business you’re at.  So you never actually see the neverssl.com page.  They acknowledge this:

And if the network never redirects you to this page, well as you can see, you’re not missing much.

So if you’re ever at a place where the wifi refuses to connect, give neverssl.com a try.  Easy URL to remember (or bookmark), and I can attest it does what it says on the tin.

 

raindog308

2 Comments

  1. Rev:

    > I went to neverssl.com

    And this link is with HTTPS:// :)))

    June 13, 2024 @ 7:36 am | Reply
  2. Vasharon:

    I actually disagree with the basic notion that scrolling down the bottom of the connections page or opening the devices network manager page is “harder” or “tedious.”

    June 25, 2024 @ 5:46 pm | Reply

Leave a Reply

Some notes on commenting on LowEndBox:

  • Do not use LowEndBox for support issues. Go to your hosting provider and issue a ticket there. Coming here saying "my VPS is down, what do I do?!" will only have your comments removed.
  • Akismet is used for spam detection. Some comments may be held temporarily for manual approval.
  • Use <pre>...</pre> to quote the output from your terminal/console, or consider using a pastebin service.

Your email address will not be published. Required fields are marked *