Right now, while you're reading this, your Android phone is silently sending HTTP requests to connectivitycheck.gstatic.com — a Google server that exists solely to detect whether you're behind a captive portal Wi-Fi login page. This happens every time you change networks, and at regular intervals afterward. Magisk Captive Control (MCC) by Atrate gives you complete authority over this hidden behavior — disable it entirely, redirect it to a server you trust, or fine-tune which detection modes are active. Stop pinging Google in the background, regain control over your device's outbound traffic, and remove a tracking vector you may not have even known existed.
Download via Pling
Magisk Captive Control is distributed through Pling. Click the button to open the official download page and grab the latest flashable ZIP for Magisk, KernelSU, APatch, or KSUNext.
Download on PlingPrivacy Capabilities
Three levels of control over Android's captive portal detection mechanism — from full disable to surgical server redirection.
Fully Disable Detection
Completely turns off Android's captive portal detection by setting captive_portal_detection_enabled to 0. Your device will stop pinging Google's connectivitycheck.gstatic.com server entirely — no background traffic, no detection probes, no auto-login prompts.
Redirect to Trusted Server
Change the captive portal check endpoint via captive_portal_server to any server you trust — a self-hosted endpoint returning HTTP 204, a privacy-respecting community server, or any URL of your choice. Keep portal detection working without sending data to Google.
Fine-Grained Detection Modes
Control the captive_portal_mode setting — choose between full detection, prompt-only mode, or silent operation. Combine with the server setting for maximum control over exactly how (and whether) your device probes for captive portals.
Persistent Across Reboots
Manual settings put commands typically survive reboots, but applying them via a Magisk module guarantees the configuration is re-applied if Android's settings provider ever resets. MCC handles this automatically through its boot-time service script.
Wide Android Compatibility
Designed to work on both older and newer Android versions. The captive portal detection framework has existed since Android 5.0 (API 21) and uses the same global settings keys across all supported versions, making this module broadly compatible.
Disables CaptivePortalLogin App
Optionally disables the com.android.captiveportallogin system app — the component that handles the mini-browser captive portal sign-in window. Useful for complete elimination of any captive portal-related background activity.
How Android Captive Portal Detection Works
Since Android 5.0 Lollipop, Android has included built-in captive portal detection — a mechanism designed to identify Wi-Fi networks that require users to sign in through a web page before granting internet access (commonly seen at hotels, airports, cafes, and public hotspots). When you connect to any Wi-Fi network, Android performs an HTTP probe to a known URL and inspects the response:
Internet works normally — no captive portal. Android marks the network as "Connected".
Captive portal detected — Android pops up the "Sign in to network" notification automatically.
"Connected without Internet" — the Wi-Fi connects but no internet access is available.
The default Android probe URL is http://connectivitycheck.gstatic.com/generate_204 — a Google server that returns HTTP 204 (No Content) when there is no captive portal. This means every time your Wi-Fi network changes, and at periodic intervals afterward, your Android device makes an HTTP request to Google's infrastructure. Some users find this particularly concerning because:
- The connection is unencrypted HTTP (originally), revealing your IP and timing patterns
- It happens continuously in the background, even if you never use Google services
- Google receives connection metadata from millions of devices for this purpose alone
- The check is initiated by a privileged system component, so app firewalls usually cannot block it
MCC intercepts this by modifying Android's global settings provider — changing captive_portal_server to a different URL, setting captive_portal_detection_enabled to 0, or disabling the entire com.android.captiveportallogin system component. The module applies these settings persistently on every boot.
The Underlying Settings (Manual Reference)
Under the hood, MCC modifies the following Android global settings via the settings command. For reference, these are the same commands an advanced user could run manually with root:
Alternative Captive Portal Servers
If you want to keep captive portal detection working but avoid Google's servers, you can point MCC to alternative endpoints that return HTTP 204. Some privacy-respecting community alternatives:
connectivitycheck.gstatic.com — the default Android probe URL.connectivitycheck.grapheneos.network — privacy-respecting alternative run by GrapheneOS./generate_204 — maximum control and zero third-party logging.captive_portal_server to localhost effectively kills the probe without disabling the framework.Frequently Asked Questions
connectivitycheck.gstatic.com, redirect the check to a different server (like a self-hosted or privacy-respecting one), or fine-tune detection modes — all persistent across reboots.
connectivitycheck.gstatic.com/generate_204) to detect whether you are on a Wi-Fi network that requires sign-in (like at airports, hotels, or cafés). This means Google receives a steady stream of connection metadata from your device — even when you are not actively using any Google service. Many privacy-conscious users find this concerning.
localhost to effectively disable detection while keeping the framework operational.
captive_portal_detection_enabled, captive_portal_server, captive_portal_mode) across all supported Android versions.