How to scan a website behind an HTTP or SOCKS proxy server

If the machine running Acunetix Web Vulnerability Scanner is located behind a proxy server, the proxy server settings must be configured for the scanner to connect to the target application via the proxy server. Proceed as follows:

  1. Navigate to Configuration > Scan Settings.
  2. You might want to create a Scan Settings template if you need the proxy settings to be used only for specific websites. If you don’t create a template, all your scans will be done using the Default template with the configured proxy settings. Click the New Document button next to the Template drop-down, and give your new template a name. Make sure that your new template is selected.
  3. Change to the LAN Settings node to access the HTTP Proxy and SOCKS Proxy settings page.
    LAN Settings > Proxy Settings
  4. HTTP Proxy Settings
    • Use an HTTP proxy server – Tick the checkbox to configure Acunetix Web Vulnerability Scanner to use an HTTP proxy server.
    • Hostname and Port – Hostname (or IP address) and port number of the HTTP proxy server.
    • Username and Password – Credentials used to access the proxy. If no authentication is required, leave these fields blank.
  5. SOCKS Proxy Settings
    • Use a SOCKS proxy server – Tick the checkbox to configure Acunetix Web Vulnerability Scanner to use a SOCKS proxy server.
    • Hostname and Port – Hostname (or IP address) and port number for the SOCKS proxy server.
    • Protocol – Select which SOCKS protocol to use. Both the SOCKS v4 and v5 protocols are supported by Acunetix Web Vulnerability Scanner.
    • Username and Password – The credentials used to access this proxy. If no authentication is required, leave these fields blank.
  6. Click Apply to save your settings.
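
Added example (not Acunetix code and not part of the original post): a pre-flight check in Python that builds the HTTP proxy URL from the fields in step 4 and reports response headers showing that the proxy tagged or cached a page, since a proxy that rewrites or caches responses can skew scan results. The function names, the header list and the usage line are assumptions made for this illustration.

```python
import sys
import urllib.request
from urllib.parse import quote

# Response headers that caches and forwarding proxies commonly add.
# Via and Age are standard HTTP; X-Cache is a de facto header set by many caches.
PROXY_HEADERS = ("via", "age", "x-cache", "x-cache-lookup")


def proxy_url(host, port, username="", password=""):
    """Build the proxy URL from the same fields the settings page asks for."""
    if not 0 < int(port) < 65536:
        raise ValueError("port out of range")
    auth = ""
    if username:
        # Percent-encode so ':' or '@' in credentials cannot break the URL.
        auth = f"{quote(username, safe='')}:{quote(password, safe='')}@"
    return f"http://{auth}{host}:{int(port)}"


def intermediary_signs(headers):
    """Return (header, value) pairs that show an intermediary touched the response."""
    found = []
    for name, value in headers.items():
        if name.lower() in PROXY_HEADERS:
            found.append((name.lower(), value.strip()))
    return sorted(found)


def served_from_cache(headers):
    """True when the headers indicate a cached copy rather than a fresh fetch."""
    signs = dict(intermediary_signs(headers))
    age = signs.get("age", "0")
    aged = age.isdigit() and int(age) > 0
    return aged or "hit" in signs.get("x-cache", "").lower()


def fetch_headers(url, proxy):
    """Request url through the HTTP proxy and return the response headers."""
    handler = urllib.request.ProxyHandler({"http": proxy, "https": proxy})
    opener = urllib.request.build_opener(handler)
    with opener.open(url, timeout=10) as resp:
        return dict(resp.headers.items())


if __name__ == "__main__" and len(sys.argv) == 4:
    # usage: check.py TARGET_URL PROXY_HOST PROXY_PORT
    hdrs = fetch_headers(sys.argv[1], proxy_url(sys.argv[2], sys.argv[3]))
    print(intermediary_signs(hdrs), "cached:", served_from_cache(hdrs))
```

An empty result does not prove the proxy is transparent: for HTTPS targets a non-intercepting proxy only tunnels the connection and cannot add headers, and some proxies modify traffic without marking it.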
  • If a proxy server is configured in Acunetix will it affect the scan results at all?

    • That will depend on the proxy server. Acunetix does not alter the way that the scan is done when a proxy server is configured. However, a proxy server might alter HTTP requests / responses as they are passing through it. Proxy servers might also serve cached versions of certain pages, which might also affect the scan.

  • Our scan involves some components that need to be accessed via proxy, while the other materials can only be accessed without passing through the proxy. (Local address bypass settings in IE)
    May I know if there is a way to set up the above in Acunetix, please? When we set the proxy we can’t access the local page, and when we unset it we can’t access the proxy page…

    • Hi,

      The proxy setting affects the scanning template, and you need to select the scanning template to be used for your scan. Acunetix WVS does not have an exclude list for the proxy settings. You will need to split the scan so that part of the site is scanned via the proxy, and the other part is scanned directly.

      You can start the scan using the Scan Wizard (New Scan button on the top left). In the options page, select to “Show advanced options in the scan wizard”. In the Advanced options, choose “After crawling let me choose the files to scan”. This will allow you to scan a section of the site.

  • To scan a site hosted in cloud (scanner on-prem behind a proxy), in addition to configuring proxy settings in the Scan Profile, do we also need outbound firewall rules on the external/perimeter firewall to allow the Acunetix scanner to scan out? If yes, please advise ports the scanner operates on. Many thanks.

    • Most of the Acunetix scan is done over HTTP/HTTPS. Ideally you configure the firewall to ignore completely any traffic from Acunetix to the web site, so as to ensure that the firewall does not interfere with the scan.
