How to monitor websites behind HTTP basic authentication
Oh Dear allows you to monitor any kind of website, even those behind HTTP basic authentication. In this guide, we'll cover the steps on how to monitor a website behind an HTTP basic authentication prompt.
What is HTTP basic authentication?
A quick recap: HTTP basic authentication, also known as HTTP basic auth, is a very simple way of authentication yourself to a website.
Any time you see a "classic" popup like this, it's most likely fueled by HTTP basic authentication:
Once you've entered your username and password, you won't have to re-enter them in the same session. Your browser will remember them.
Monitoring sites with HTTP basic authentication
The "trick" to monitoring sites behind a basic HTTP auth, is to look for the Authorization
header and add that to the Oh Dear settings under HTTP Headers.
You see, we allow you to set custom HTTP headers for things like Cookies, language headers and also Authorization headers.
First, we need to find the correct Authorization header. This header is a hash of your username & password combination, so it doesn't change. That's good, because now we can re-use this hash in Oh Dear!
First, log in to the site you want to monitor with the correct credentials. Next, right click somewhere on the page and pick Inspect.
Now follow these steps:
- Go to the Network tab and reload your current page
- Click on the first resource that loaded, which is most likely your homepage
- Scroll down on the right hand site until you see the Request Headers
- Look for the authorization header
The header is called authorization and the value is Basic bWF0....
Add this header to Oh Dear's site settings
Now that we have the Authorization header, you can add it to your Oh Dear settings for the site.
Head over to the site, hit Settings in the left menu and find the section for Headers.
Add the Authorization header with the value of Basic bWF0... you found earlier, in the inspector.
Oh Dear will now add this header to every uptime check and broken links check we perform, automatically logging in via the HTTP Basic Authentication.