When configuring a Target, you sometimes need to configure login details to the web application. This allows Acunetix to check the restricted areas in your web application.
There are two types of authentication that can be done with a web site – Form-based authentication and HTTP Authentication.

Form-based authentication is the most popular form of authentication. It is the type of authentication which is implemented in the web application, and is used in popular web sites such as gmail or facebook.

This type of authentication can be configured in Acunetix from the Site Login section of a Target.


On the other hand, HTTP Authentication is configured in the Web Server, and is often used as an added level of security. The authentication window appears before any page is loaded, and looks like what is shown in the screenshot. Different browsers display this message differently.

HTTP Authentication is also supported by Acunetix and can be configured from the Target’s settings > HTTP tab > HTTP Authentication


Nicholas Sciberras
Principal Program Manager
As the Principal Program Manager, Nicholas is passionate about IT security and technology at large. Prior to joining Acunetix in 2012, Nicholas spent 12 years at GFI Software, where he managed the email security and anti-spam product lines, led multiple customer service teams, and provided technical training.