Scan Settings: Allowed Hosts
To access this feature, click the Edit menu and select Default Scan Settings or Current Scan Settings. Then, in the Scan Settings category, select Allowed Hosts.
Using the Allowed Host Setting
Use the Allowed Host setting to add domains to be crawled and audited. If your Web presence uses multiple domains, add those domains here. For example, if you were scanning "WIexample.com," you would need to add "WIexample2.com" and "WIexample3.com" here if those domains were part of your Web presence and you wanted to include them in the crawl and audit.
You can also use this feature to scan any domain whose name contains the text you specify. For example, suppose you specify www.myco.com as the scan target and you enter "myco" as an allowed host. As Fortify WebInspect scans the target site, if it encounters a link to any URL containing "myco," it will pursue that link and scan that site's server, repeating the process until all linked sites are scanned. For this hypothetical example, Fortify WebInspect would scan the following domains:
-
www.myco.com:80
-
contact.myco.com:80
-
www1.myco.com
-
ethics.myco.com:80
-
contact.myco.com:443
-
wow.myco.com:80
-
mycocorp.com:80
-
www.interconnection.myco.com:80
Adding Allowed Domains
To add allowed domains:
-
Click Add.
-
On the Specify Allowed Host window, enter a URL (or a regular expression representing a URL) and click OK.
Note: When specifying the URL, do not include the protocol designator (such as http:// or https://).
Editing or Removing Domains
To edit or remove an allowed domain:
-
Select a domain from the Allowed Hosts list.
-
Click Edit or Remove.
See Also
Scan Settings: Cookies/Headers
Scan Settings: Custom Parameters