Overview
If some or all pages or features of your website can be accessed only after login, we recommend you set a cookie to simulate website login for comprehensive vulnerability scan. Currently, VSS can simulate login by setting a cookie with the value of successful login, and the backend will periodically bring the set cookie to access the website, so as to ensure that the cookie won't expire.
Directions
Settings of simulated website login
- Log in to the VSS console and click Asset Management on the left sidebar to enter the asset management page.
- On the asset management page, click Website and find the asset for which to simulate a login.
- Click Set in the Simulated Login column of the target asset, and the Simulated Login window will pop up.
- In the Simulated Login window, enter the correct cookie value (see How to get cookie value) and click Save.
- The simulated website login is successfully set.
How to get cookie value
- Log in to your website in Chrome, access a page that requires login, and press F12 or right-click on the page and select Inspect.
- Select Network > All in DevTools that appears and refresh the page.
- Click the first network request.
- Find the Cookie item in Headers and copy the cookie value.
Yes
No
Was this page helpful?