Site Authentication
Introduction
When adding a new Site to your AAArdvark Workspace, you’ll need to configure a few settings to make sure your site is getting the most out of the tools and platform. However, sometimes you need to make more than a few changes. Keep in mind that you can always go back and edit your authentication settings as necessary.
From your dashboard, click the Add a New Site button at the top of the page.
Setting up Site Authentication
AAArdvark allows for logging into a site prior to scanning. This lets you scan pages as a logged in user that would otherwise not be available to the public.
The credentials can be used for some or all pages on the site, an option that is individually configured on each page set up to be scanned.
Three types of authentication are provided – HTTP Basic, Login Form, and Custom Header.
- HTTP Basic: This form of authentication is commonly used to protect sites that are under development and should not be seen by the general public. Enter a username, password, and a test URL that requires the provided credentials.
- Login Form: This is the standard method of authentication for sites that require a user to enter a username and password on a form. (Only cookie-based login is currently supported. Additional instructions are provided below.)
- Custom Header: Any header name and value can be set. Enter a test URL that requires the provided credentials to ensure authentication is working properly.
For Cookie Authentication, we currently only support three platforms: WordPress, Drupal, and Laravel. If you’d like to see a new platform officially supported, please send a feature request through the support form.
To set up this method:
- Site Type: Choose the platform your site is built on, and enter the username and password.
- Username/Password: Credentials will be stored using strong encryption, however we recommend using credentials specific to AAArdvark and ensuring the credentials do not have more capabilities than are needed for accessibility scanning.
- For extra protection, we recommend configuring your CMS to only permit this user to log in from our IP addresses. We will notify you if these IP addresses change in the future.
- 104.131.176.165
- 159.203.100.239
- 144.126.248.6
- For extra protection, we recommend configuring your CMS to only permit this user to log in from our IP addresses. We will notify you if these IP addresses change in the future.
Custom Login Pages
If you’re using Laravel and have customized your login page, you may need to adjust the username, password, and/or submit button selectors.
Customized login pages are not supported for Drupal and WordPress.