Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

http://detectportal.firefox.com/ is hammering our firewalls

oldfirefoxuser69
oldfirefoxuser69
more options

Originally posted this issue at http://forums.mozillazine.org/viewtopic.php?f=9&t=3030018 And was redirected here for enterprise assistance. Hopefully a support engineer can assist with this

In our environment we have many hundreds of clients/visitors that heavily use the web. Needless to say that Firefox is one of the most used web clients. :-)

We noticed a continuous hit on our firewalls which took it's toll on the cpus as the request to hhttp://detectportal.firefox.com/success.txt is from every Firefox browser installed on the desktops/laptops/etc every 3 seconds or so. ](*,) As a workaround we've allowed through the firewall an ever growing list of IP addresses and that is plain ridiculous and simply unmanageable.

Are your network gurus/engineers going to implement solutions such as anycast to alleviate this flawed implementation of a simple service as it has been in use for quite sometime now by for example Apple, Google, etc... For example if you ping 8.8.8.8, it's very likely hosted in a datacentre near your town. Will you consider anycast towards detectportal.firefox.com?

Please advise. Thanks in advance.

Originally posted this issue at http://forums.mozillazine.org/viewtopic.php?f=9&t=3030018 And was redirected here for enterprise assistance. Hopefully a support engineer can assist with this In our environment we have many hundreds of clients/visitors that heavily use the web. Needless to say that Firefox is one of the most used web clients. :-) We noticed a continuous hit on our firewalls which took it's toll on the cpus as the request to hhttp://detectportal.firefox.com/success.txt is from every Firefox browser installed on the desktops/laptops/etc every 3 seconds or so. ](*,) As a workaround we've allowed through the firewall an ever growing list of IP addresses and that is plain ridiculous and simply unmanageable. Are your network gurus/engineers going to implement solutions such as anycast to alleviate this flawed implementation of a simple service as it has been in use for quite sometime now by for example Apple, Google, etc... For example if you ping 8.8.8.8, it's very likely hosted in a datacentre near your town. Will you consider anycast towards detectportal.firefox.com? Please advise. Thanks in advance.

All Replies (2)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

You can set network.captive-portal-service.enabled to false on the about:config page or use mozilla.cfg to lock this pref to false. 

//
lockpref("network.captive-portal-service.enabled", false);

See Configuration:

oldfirefoxuser69
oldfirefoxuser69 Question owner
more options

cor-el said

You can set network.captive-portal-service.enabled to false on the about:config page or use mozilla.cfg to lock this pref to false. 
//
lockpref("network.captive-portal-service.enabled", false);

See Configuration:

Hi,

Really appreciate the update. Our local software dev gurus sure will make use of this info towards our desktops/laptops. But as we have visitors and lots of them, they do bring their own devices. Perhaps there is a better solution (maybe anycast dns) your network gurus could come up with? Thanks in advance.