Web Application: Application Info

The Application Info section for a web application identifies the target web application to be scanned.

 


Application Definition

Virtual Host

The host from which web crawling starts. Enter the IP address or host name (FQDN) of the host to crawl. The web application can consist of a single physical host or multiple identical hosts behind a single load-balanced host.

Starting Port

The port number from which to start crawling.

Starting URI

The starting path from which to start crawling.

By default, crawling starts at the web application root directory. To start web crawling from a subdirectory, enter the path to the starting directory, beginning with "/". You can take this path from a correctly formed URL. For example:

/services/app1

Limit crawling to starting URI and its sub-directories

Select this option to limit crawling to the starting URI and its sub-directories. When selected, the scanning engine scans the starting URI and any child directories it finds, but it will not scan any parent directories of the starting URI.

Sample Web Application:

Virtual Host: www.qualys.com

Port: 80

Starting URI: /research/

Using the above web application, the scanning engine will start its scan at http://www.qualys.com/research/. From this page, links will be found to:

http://www.qualys.com/research/exploits/

http://www.qualys.com/research/top10/

http://www.qualys.com/research/vulnlaws/

http://www.qualys.com/research/knowledge/

http://www.qualys.com/

http://www.qualys.com/products/qg_suite/

http://www.qualys.com/customers/

etc...

From this list of discovered links, the scanning engine will NOT crawl:

http://www.qualys.com/

http://www.qualys.com/products/qg_suite/

http://www.qualys.com/customers/

 

Notes:

http://www.qualys.com/ will not be crawled because it is a parent directory of /research/.

http://www.qualys.com/products/qg_suite/ and http://www.qualys.com/customers/ will not be crawled because they are not child directories of /research/.

 

Add Multi-site Support

Select the Add Multi-site Support link to select this option. When selected, the Domains section appears where you can select the domains to be scanned in addition to the virtual host. Note this link is not available if the "Limit crawling to starting URI and its sub-directories" option is selected. To turn this option off, select Remove Multi-Site Support.

Domains

The Domains section appears when the Add Multi-Site Support option is selected. Select one of these options to identify which domains are part of the web application:

Any sub-domain of. The web crawler will follow links to any sub-domain that is in the same domain as a domain name you specify. The domain name you enter must be a DNS hostname on your network (an IP address cannot be entered). Specify the domain name as .<domain name> (dot followed by domain name, not including angle brackets), where the dot acts as a wildcard match character.

For example, if your virtual host is "mystore.com" and you want the web crawler to follow links to any recognized sub-domain, such as "cars.mystore.com" and "furniture.mystore.com", then enter ".mystore.com" (not including quotes) in the space provided.

Follow these domains only. The web crawler will follow links to one or more domain names you specify. Enter each domain as either an IP address or DNS hostname in the space provided. Multiple entries should be separated by comma or return characters. A maximum of 2048 characters may be entered in the space provided.

For example, if your virtual host is "mycompany.com" and you want the web crawler to follow links to domain names such as "outlet8.com" and "region6.com", enter these domain names in the space provided (not including quotes, separated by comma or space).
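The scope rules described above (limiting to the starting URI, "Any sub-domain of" and "Follow these domains only") can be modelled as a pre-scan check on a list of links. This is an added example, not Qualys code or part of the original page: the function name in_scope, its parameters, and the matching details (directory-boundary path matching, host suffix matching, port and scheme not considered) are assumptions.

```python
import posixpath
from urllib.parse import urlsplit


def _as_dir(path):
    # Normalise "." and ".." and treat the path as a directory, so that
    # "/research" and "/research/" compare equal and "/researchers" does not match.
    norm = posixpath.normpath(path or "/")
    return "/" if norm == "/" else norm + "/"


def in_scope(url, virtual_host, start_uri="/", limit_to_start_uri=False,
             subdomain_of=None, only_domains=()):
    """Model of the page's scope rules; names and matching details are assumptions."""
    if subdomain_of and not subdomain_of.startswith("."):
        raise ValueError("sub-domain entry must be written as .<domain name>")
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host != virtual_host.lower():
        if limit_to_start_uri:       # multi-site is unavailable with this option
            return False
        if subdomain_of:             # leading dot acts as the wildcard
            return host.endswith(subdomain_of.lower())
        return host in {d.strip().lower() for d in only_domains}
    if not limit_to_start_uri:
        return True
    # Same host, limit selected: only the starting URI and its children.
    return _as_dir(parts.path).startswith(_as_dir(start_uri))


if __name__ == "__main__":
    # Links from the page's sample, plus one constructed look-alike path.
    links = [
        "http://www.qualys.com/research/exploits/",
        "http://www.qualys.com/research/top10/",
        "http://www.qualys.com/",
        "http://www.qualys.com/products/qg_suite/",
        "http://www.qualys.com/customers/",
        "http://www.qualys.com/researchers/",  # constructed: shares a prefix only
    ]
    for link in links:
        ok = in_scope(link, "www.qualys.com", "/research/", limit_to_start_uri=True)
        print(f"{'crawl' if ok else 'skip':5} {link}")
```

Running a planned link list through a check like this before launching a scan helps confirm that the configuration covers the intended hosts and paths and nothing outside them.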

 


Option Profile

Select a default web application profile from the menu or select "None". The menu lists all custom web application profiles available in your account. The default profile is applied automatically when users launch or schedule scans on the web application.

The service provides a web application profile "Initial WAS Options" to help you get started.