Step 2: Installing and configuring the web app server and AV service

Installing the Acunetix 360 Application Server

The Acunetix 360 Application Server is installed using a wizard. The wizard has two parts:

  • The Acunetix 360 Web Application
  • The Acunetix 360 Authentication Verifier Service

NOTE: The Authentication Verifier Service is an optional part of this installation process. You can install the Authentication Verifier Service whenever you want. For more information about installing the verifier service, refer to Authentication Verifier Settings.

The following instructions explain how to install the Web Application and Verifier Service at the same time.

How to install the Acunetix 360 Application Server and Authentication Verifier Service

  1. Run the WebAppSetup.exe file and select Next.
  2. On the End-User License Agreement step, accept the license agreement, and select Next.

  1. On the Ready to Install step, select Next to install the Web Application Server, and wait for a while.

  1. The installation asks you to install the prerequisite: The Authentication Verifier Service.
  2. On the Welcome to the Prerequisites Setup Wizard window, select Next to continue.

  1. On the Select Installation Folder step, select Next to install the Authentication Verifier Service to the default folder. Or select Browse to select an installation folder. Select Next.

  1. On the Completing the Acunetix 360 Authentication Verifier Service Setup Wizard step, select Finish to complete the installation.

  1. On the Completing the Acunetix 360 Web Application Setup Wizard step, select Finish to complete the Web Application Setup process.

Next steps:

  1. Configure the Acunetix 360 Web App
  2. Install the Acunetix 360 Scanner Agent
  3. Install the Acunetix 360 Authentication Verifier
  4. Install the Acunetix 360 Bridge

Configuring the Acunetix 360 Web Application Server using the Installation Wizard

From the server URL on which the Acunetix 360 application is installed, you need to run the Acunetix 360 Installation Wizard to complete the installation.

TIP: You can also install the Acunetix 360 Web Application in silent mode. For more information, refer to Installing Acunetix 360 On-Premises in Silent Mode.

How to configure the Acuentix 360 Web Application Server using the installation wizard

  1. The first step of the Installation Wizard is configuring the Database connection.
  1. Complete the fields to enable Acunetix 360 to build the necessary database structure and populate it with data. Then, click Next.

  1. On the Encryption page, select Download the Secret Key to download your key. Then, select Next.

  1. On the License page, select Import a License (.nsc file) and import your license file. Select Next.
  2. On the Account page, complete the fields to set up your account administrator account. Select Next.
  1. If you use cloud providers like Amazon AWS, you can configure the settings here (refer to Cloud Provider Settings). If you don't use a cloud provider, deselect the Cloud Integration checkbox. Select Next.

  1. On the Scanner Agent Settings page, copy the Access Token if you want to install the scanner agents following the installation wizard process. These agents will be used to scan target applications.

It is possible to skip this step by selecting the Continue without installing an agent checkbox.  

You can install agents whenever you want. If you want to install an agent at this step, execute the file AgentSetup.exe from the zip file. (For more information on agents, refer to Agents in Acunetix 360 On-Premises). Select Next.

  1. On the Authentication Verifier Settings page, copy the Service Token and the Access Token if you want to install the authentication verifier service and verifier agent following the installation wizard process.

Authentication Verifier Service and Verifier Agent are two components of Acunetix 360 On-Premises that are used to verify Form Authentication. They are optional components (see Authentication Verifier Settings). If the websites you are scanning do not use form authentication, you do not need these components.

It is possible to skip this step by selecting Next and setting up it later in Acunetix 360. If you want to set it up, select Install Authentication Verifier. The following page appears:

For more information, refer to Installing Acunetix 360 Authentication Verifier.

Select Next.

  1. You can configure SMS and email notifications to inform users instantly about the status of a web application security scan, or when specific vulnerabilities are identified on the web applications you are scanning. The next steps (Email and SMS) are for configuring E-mail and SMS notification settings (refer to Managing Notifications).

NOTE: To send invitations to new users or other email notifications you need to configure SMTP settings. You also need to have a Twilio account to be able to receive SMS notifications.

It is possible to skip this step and the next step by deselecting the Enable Email Notifications and Enable SMS Notification checkboxes.

  1. Select Finish to complete the installation wizard.

Configuring a proxy for the Acunetix 360 Web Application

You may need to configure a proxy for the Acunetix 360 Enterprise Web Application. For information about setting a proxy for the agent, refer to Setting Proxy in Scanner Agents.

IMPORTANT: This instruction assumes that you installed Acunetix 360 Enterprise On-Premises to the default location, which is C:\Program Files (x86). If not, please change the relevant step in the instructions accordingly.

How to configure a proxy for the Acunetix 360 Web Application

  1. Press the Windows logo key  + E.
  2. Paste the following file path into the address bar: C:\Program Files (x86)\Acunetix 360 Web Application.
  3. Open Web.config with a text editor and locate the proxy configuration line.

<system.net>

    <!--<defaultProxy>

      <proxy usesystemdefault="True" proxyaddress="http://127.0.0.1:8888/"/>

    </defaultProxy>-->

  </system.net>

  1. Remove the comment characters from the proxy configuration line.
  2. Enter your proxy configuration.
  3. Save and close the Web.config file
  4. Restart the IIS for changes to take effect.

TIP: In addition to the proxy address, you can also add information such as a bypass list to the proxy configuration. It looks like the following:

<system.net>  

    <defaultProxy>  

        <proxy  proxyaddress="http://127.0.0.1:8080"  

                bypassonlocal="True"/>  

        <bypasslist>  

            <add address="[a-z]+\.acunetix\.com$" />  

        </bypasslist>  

    </defaultProxy>  

</system.net>

How to change the installation folder for the Acunetix 360 Web Application

The installer does not provide an option to select the folder location, however, you can change the location once the installation is complete. To do this, follow these steps:

  1. Copy the installation folder (C:\Program Files (x86)\Acunetix 360 Web Application) to the target disk.
  2. Open IIS.
  3. From Sites, select Acunetix 360.
  4. Select Advanced Settings.
  5. Replace the physical path with the new path.

Configuring notification settings

In the Acunetix 360 Application Server security scanner, you can configure SMS and email notifications to inform users instantly about the status of a web application security scan, or when specific vulnerabilities are identified on the web applications you are scanning.

NOTE: To send invitations to new users or other email notifications you need to configure SMTP settings. You also need to have a Twilio account to be able to receive SMS notifications.

For more information, refer to Managing Notifications.

How to configure notification settings

  1. Log in to Acunetix 360 with an Administrator account.
  2. From the main menu, select Settings > Email.
  3. Complete the form on the Email Settings page. If your SMTP server does not require a username and password, you can leave these settings empty.
  4. To configure your Twilio settings, from the main menu, select Settings > SMS.
  5. Complete the form on the SMS Settings page.

 

« Back to the Acunetix Support Page