Skip to main content
Tick PowerMapper
 Try it now

Scanning sites with passwords SortSite Desktop Manual

You can scan password protected sites in all Desktop editions, but not in the OnDemand (cloud) edition.

Sites using forms authentication

To scan a password protected site in the desktop app:

  1. Login to the site in the usual way (either via a login page or the popup password dialog)
  2. Navigate to the page you want to start scanning from (usually the page shown after login, or the home page of the site)
  3. Now scan your site

Note: If you have a logout link inside the secure area, then the scanner may be logged out if it follows the logout link, preventing a full scan of the password protected area. To prevent this happening go to Blocked Links in Scan Options and add something like the following:

*logout*

This stops the scanner following links with ’logout’ in the URL. The pattern chosen needs to match the logout URL on your site. See blocking links for more details.

Sites using Windows authentication or HTTP authentication

To map a site (typically an intranet or internal web application) that uses Windows Integrated Authentication or HTTP Authentication:

  1. Go the the Crawler tab in Scan Options
  2. Select the On option under HTTP authentication
  3. Click OK
  4. Now scan your site

Warning: do not scan sites using Windows Authentication if you have administrator rights, and if following any of the links on the site can trigger side-effects such as hiding content.