What is a walled garden and how it works
Definition of a walled garden
On the Internet, a Walled Garden is a browsing environment that restricts the type of Web sites, Web domains and applications users can access before authenticating to a Wi-Fi network. Many ISPs filter URLs and set up the walled garden system to control the list of websites accessible through their WiFi networks, limiting Wi-Fi users’ Internet navigation and making it difficult for them to browse non-approved Web content. AOL is the most renowned example of an ISP using a walled garden service. The walled garden approach is also called "closed ecosystem" or "closed platform" as opposed to "open platforms", which instead allow unrestricted access to Web content to users. Given its restrictiveness, the walled garden is also referred to as "walled prison" or "walled desert".
How the walled garden works
When implementing SSIDs with Captive Portal, wireless users are redirected to a Splash Page where they authenticate before accessing a Wi-Fi network. Any captive portal can be configured with a list of Web domains that users can access before completing the authentication process. This list of accessible domains, hostnames and IP addresses is the Walled Garden, which always includes the domain of the splash page as “my.domain.com”, plus other web domains chosen by the wifi networks administrator. For instance, if wifi social login is used, the walled garden should include the domains of the social networks used for authentication on the splash page: if you want users to log in through Facebook, Twitter or Instagram, you should make these social networks accessible to all Wi-Fi users before they authenticate to your network and add all the domains to your walled garden list. At the same time, you should include in the walled garden the Web domains of any 3rd party websites hosting your advertisements, such as banners, audio files or videos: for instance, if you add a YouTube or Vimeo video on your splash page, the YouTube domain should be included in your walled garden and wifi users will be able to see and use Youtube before login.
Example of Web domains on a walled garden whitelist
Web domains to be included in the walled garden whitelist should be added as aaa.domain.com or *.domain.com.
For example:
*.facebook.com
*.facebook.net
*.twitter.com
*.instagram.com
*.google.com
*.youtube.com
*.vimeo.com
Remember that if the splash page does not show up, it might be because the captive portal system is not triggered by the device. This is due to the fact that a device can reach the domains it controls to check if there is connectivity. Instead, users are automatically redirected to your Splash Page if they try to connect to your SSID to browse any Web site excluded from your walled garden whitelist.
