Documentation Version: er2.0.28-docs-1.1


This section covers the following topics:

Set up a Website as a Target location

  1. From the New Search page, Add Targets.
  2. In the Select Target Type dialog box, select Server.
  3. In Enter New Target Hostname, enter the website domain name.
    To scan a website hosted at the URL, enter in the Enter New Target Hostname field.
    1. Click Test. If the host name is resolved, the Test button changes to a Commit button.
    2. Click Commit.
  4. On the left of the Select Types window, select Websites.
  5. Under Websites section, select Website (http://) or SSL Website (https://).
  6. Fill in the following fields:

    Field Description
    (Optional) Path

    See Path Options table to understand the parameters available to configure a website scan.

    If Path field is left blank, only resources available at the Target website root directory will be scanned.

    (Optional) Credential Label

    Enter a descriptive label for the credential set.

    Only "Basic" HTTP authentication scheme credentials are supported.
    (Optional) Username Enter your user name.
    (Optional) Password Enter your password.
    Agent to act as a proxy host

    The host name of the machine on which the Proxy Agent resides on. This selected Proxy Agent will be used to scan the website.

  7. Click +Add customized.

Path Options

The following options can be defined in the Path field to setup a website Target scan:

Options Description

Scan a specific directory on the website domain.

If folder is not defined in the Path field, only resources available at the Target website root directory will be scanned.


Define a custom port for the Proxy Agent to establish a connection with the server hosting the Target website.

If the Target website is hosted on a port other than the standard HTTP (80) or HTTPS (443) ports, the port option must be specified.


Specify the depth of the website scan:

  • If depth is not specified or (depth=0), the Agent will scan resources available only in the specified directory.
  • For (depth=x), the Agent will scan resources available in the specified directory and x levels down from the specified directory.

Specify the address of the HTTP proxy server.

If the Proxy Agent has to connect to the Target website via a HTTP proxy server, the <proxy> option must be specified.

The examples below describe the different scan scenarios based on the value in the Path field for a Target website hosted at

  1. folder1(depth=2)(port=8080)

    Proxy Agent will receive instructions to scan the resources available in the following directories on port 8080:

  2. (

    No folder or depth is defined. Proxy Agent will receive instructions to scan only the resources available in the root directory through the proxy server



Sub-domains are considered individual Targets, therefore each sub-domain must be licensed and scanned separately from apex domains.

Three separate licenses are required to scan the Targets below: