Configuring Additional Websites

By default, Acunetix 360 does not scan domains that are different from those of the Target URL. Therefore, when you scan http://example.com, if there is a link to http://api.example.com, Acunetix 360 will not follow and scan the website or links to http://api.example.com. Instead, it reports them as Out of Scope Links in the Knowledge Base Viewer of the Technical Report.

In Acunetix 360, you can use the Additional Websites feature to specify which other websites you want to scan.

For more information, see Configuring Additional Websites.

How to Configure Additional Websites in Acunetix 360

1. Log in to Acunetix 360.
2. From the main menu, click Scans, then New Scan. The New Scan window is displayed.
3. From the Scan Options section, select Additional Websites.

4. Click New.

5. In the URL field, enter the additional website.
6. Enable Canonical, if required.

7. Add as many Additional Websites as required.
8. Click Launch.

The Scan Profile and Settings Used for the Additional Websites

For more information about configuring and managing Scan Profiles in Acunetix 360, see Overview of Scan Profiles.

Setting the Scan Scope

The configured Scan Scope settings do not apply for the Additional Websites. Instead the Whole Domain scan scope will always apply. This means that all of the detected pages and sub folders on the additional website will be scanned.

For further information, see Scope for Acunetix 360.

Including and Excluding URLs

The configured Include/Exclude URLs apply for Additional Websites too. So, if an additional website's links contains exit or endsession keywords, they will be excluded from the scan.

For further information, see Including and Excluding Links in a Scan.

Importing Links

You can add Imported Links which will be applied to the Additional Websites too. This setting allows you to specify pages that you would like to scan, which are not linked from anywhere on the website.

For further information, see Imported Links for Acunetix 360.

How to Import Links for Additional Websites in Acunetix 360

1. Open Acunetix 360.
2. From the Scans tab, click New Scan. The New Scan window is displayed.
3. From the Scan options menu, select Imported Links. The Imported Links section is displayed.

4. Specify pages:

• By manually entering the URLs in the Enter Links field
• By importing the URLs by uploading a supported file (e.g. a Fiddler file that includes, for each link, the URL, HTTP Request Header and Body) in the Import Links section:

• Click the dropdown to select a file for importing links

5. Click Launch.

URL Rewrites

The URL rewrite configuration also applies for Additional Websites. If the Heuristic URL rewrite technology is used, the scanner will try to automatically identify the URL Rewrites on the target website. If custom URL Rewrite rules are configured, they will also apply to Additional Websites as well.

Therefore if an Additional Website contains a link that matches the pattern configured above, for example http://api.example.com/products/1, the URL Rewrite parameter(s) will be detected automatically.

For further information, see URL Rewrite Rules.

Authentication

It is not possible to configure authentication settings for Additional Websites via the scan settings.

For further information, see Configuring and Verifying Form Authentication in Acunetix 360.

Reporting Scan Activity and Issues Identified in Additional Websites

The configured Additional Websites will have a node each in the Scan Summary list, as illustrated.

A new entry was also added to the reports, in which all the configured additional websites that were scanned will be listed.

The URLs in the reports are reported in full in the MIME Types node on the Knowledge Base tab, so that you can see which ones contain the issue.

For further information on Issues, see Viewing Issues in Acunetix 360.