How to Work with Web Application Security

Learn how to address security issues that prevent Rainforest from accessing your test site.

When testing, you might discover one or more levels of security restricting access to your staging site. Following are some things you can check.

IP Access Controls

Make sure to whitelist the Rainforest IP addresses. For more information, see Which IP Addresses Do Rainforest Tests Come From?

HTTP Basic Auth

Add a step to every test to provide testers with login credentials. Alternatively, you can configure your test URL to include the username and password:

https: //[email protected]:www.sitename.com

Custom Authorization Layer

Create a standalone test directing users to sign in with a username and password and use it as an embedded test in other tests. Doing so saves time.

You have two options:

  • Write the login credentials as static values. Keep in mind that all users must log in to the same test account.
    “In the email field, enter [email protected], and in the password field, enter password1.”
  • Create multiple test accounts and set up the login credentials as dynamic data. This way, when your tests execute in parallel, each tester logs in with credentials. This is a great way to avoid concurrency issues.

SSL Certificates

Create a valid SSL cert via Let’s Encrypt.


*If you have any questions, reach out to us at [email protected] or via the chat bubble below.


Did this page help you?