HTTP Login Field

The HTTP Login fields allow you to provide us with the login username and password we will use to verify the authentication process and access your page. If your page is not protected by a Login popup box, you can leave these fields blank.

In technical terms the type of authentication this uses is Basic Authentication (a.k.a. Basic Challenge Response). This type of authentication is not platform specific and is a common authentication standard supported by all web servers and web browsers on the Internet. This type of authentication is usually implemented in web browsers via a simple popup window that requests the username and password.

Please Note: do not confuse this type of login method with a web-page-based login forms built with HTML form elements. If your website uses a web-page-based login form, you should not enter your login credentials in the HTTP Login fields. Instead, you should provide the login credentials in the "Post Data" field using the name of the login form elements and formatted using the standard Post Data format. For web-page-based forms, you must also change the URL being tested to the Login Form url and then enable "Follow Redirects" so that page that loads after the login is submitted is the page that will be tested.

Important Security Precautions:

Only use with SSL Protected Pages – Generally speaking, HTTP Login (Basic Authentication) credentials are not secure by default. The only way to secure this authentication method is to access your page using SSL (a.k.a. HTTPS). For this reason, we recommend that you only use the HTTP Login fields if the page you provide to us uses SSL (HTTPS). When you provide an SSL protected page (using HTTPS), our systems automatically encrypt and secure the username and password when transmitting it over the Internet to your website (just like a normal web browser does). If you don't provide a SSL protected page (using HTTPS), then this login information is sent in clear text over the internet (just like a normal web browser does) and could possibly be captured by a hacker.

Create a Specific Username – you should create a new username specifically for use by our monitoring system and give that username the least amount of privileges possible on your server and website. We also recommend you use long and complex passwords for these usernames. This security recommendation is not just specific to your use of our system but just a generally recommended when assigning usernames on Internet websites and servers.

Related Links

• Monitoring Password Protected Sites

Updated on: 10/10/2022