Configuring auto-login

In some cases, the Acunetix scanner can automatically detect restricted areas of a target web application and identify the necessary steps to log in and the restricted pages that should not be clicked to keep the session valid. If your target web application contains a simple login mechanism you can set up the automatic site login feature by providing a username and password for the Acunetix scanner to use.  

This document provides step-by-step instructions for configuring a target to enable automatic site login so Acunetix can scan restricted areas of your web application.

How to configure auto-login to a restricted area of a target

  1. Log in to Acunetix and select Targets from the left-side navigation menu.

  1. Click on the relevant target address in your list of targets to access the Target Settings page.

  1. Click the Site Login toggle if it is not already enabled. This expands the site login settings panel.

  1. Select Try to auto-login into the site.
  2. Enter a valid username and password for the scanner to log in to the restricted area of the target web application.

  1. Click Save in the top-right corner of the Target Settings page.

The target is now configured so that the scanner automatically detects restricted areas and uses the credentials you provided to access them during scanning.

TIP: The auto-login option also supports the use of Time-based One-Time Passwords (TOTP) in the login mechanism. For more information, refer to Configuring form authentication with OTP.


« Back to the Acunetix Support Page