How to Monitor Password-Protected Pages

While password protection is essential for security, it creates a potential point of failure for user access. Effective monitoring must verify that your login gates are actually open to authorized personnel. Pulsetic simplifies this by treating authentication as a standard part of the check, ensuring your private pages are secure yet accessible.

The Step-by-Step Process

Step 1: Set Up General Settings

  1. Enter the protected page's address (e.g., example.com/protected)   into the URL field. 
  2. Give your monitoring task a clear name, like "Protected Page," in the Name field. 
  3. Choose how often you want the tool to check the page (e.g., every 5 minutes) and set that in the Check Frequency field.

Step 2: Configure the Request Settings

Before configuring the monitor, you must determine which type of security your website uses.

Option 1: Server-Side Authentication (Basic/Digest)

Use this option for this scenario. When you visit the URL, a grey system pop-up appears at the top of the browser asking for a username and password.

Server-Side Authentication
Server-Side Authentication
  1. Set the Request Type to “HTTP” and the HTTP Method to “GET” (standard for loading a page).
  2. Locate the Auth. type dropdown menu and select Basic (common for .htaccess) or Digest (for higher security).
  3. Enter the authorized Username and Password in the dedicated fields.
Server-Side Authentication (Basic)
Server-Side Authentication (Basic)
Server-Side Authentication (Digest)
Server-Side Authentication (Digest)

Note:

Pulsetic automatically handles the necessary headers for the selected Auth type, so you do not need to manually add an "Authorization" header, configure the Body, or change the Content-Type.

Option 2: Form-Based Authentication (Custom Login Page)

Use this option for this scenario. When you visit the URL, a styled web page loads with text boxes for "Username" and "Password" inside the page design.

Custom Login Page
Custom Login Page
  1. Set the Request Type to “HTTP” and the HTTP Method to “POST.”
  2. In the Body section, select x-www-form-urlencoded   format.
  3. Add your credentials as key-value pairs based on your form's field names.
    • Example: username=practice&password=SuperSecretPassword!  
  1. In the Headers section, add: Content-Type: application/x-www-form-urlencoded  .

Important:

Replace practice   and SuperSecretPassword!   with your actual test credentials.

Step 3: Verify the Protected Page (Both Options)

Regardless of which method you choose, you must tell Pulsetic what a "Successful Login" looks like.

  1. Go to the Response Settings tab.
  2. In the Response Text field, add a text string that confirms successful login. For example, if login success leads to "Welcome, testuser," add "Welcome, testuser." Optionally, in the Headers section, check for a Set-Cookie   header to confirm a session cookie was set.
  3. In the Response Text field, add a string that's always present on the protected page when it's working. For example, if the protected page always says "Authorized Access," add Authorized Access  .

Step 4: Monitor and Troubleshoot

  1. Click Run Check & See Result to immediately test your settings.
    • Success: You see Status 200 OK and the Response Body shows the content of the protected page.
    • Failure: You see Status 401/404. Check your credentials or try switching between Option 1 and Option 2.
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us