How to include or avoid ports in Application Scanning

Web applications can run a variety of ports, hence, it is possible to configure Application Scanning to scan on any ports. The default is that Application Scanning will scan port 80 and 443. 

In order to see which ports were assessed during the scan, we provide a finding titled “Discovered Hosts”, which you can find in the results.

Scanning other ports than 80 and 443

If your web application is hosted on other ports than 80 and 443, you can update the Application Scanning settings  for the scan profile and specify which ports Application Scanning should scan. The settings is called "Which ports must we include?". 

Avoid scanning port 80 and/or 443

If your web application is hosted on a different port than 80/443, you might want to update the Application Scanning settings  to not scan 80 and443. We suggest that you remove 80 and 443 from the setting "Which ports must we include?" and add 80 and 443 to the settings "Which ports must we avoid?".
You should also make sure that the setting "Should we scan common ports?" is off.

Port scanning

There's a toggle in the Application Scanning settings called "Should we scan common ports?". When this setting is on, our scanner checks against a range of commonly exposed ports, which include standard ports such as 80, 443, 8080, 8081, as well as ports related to specific technologies, such as 3000, 5432, 7001. 

This port scanning might be interpreted as intrusive by WAFs, so we recommend to keep this setting off, and to specify the ports Application Scanning should scan with the settings "Which ports must we include?" and "Which ports must we avoid?".


Q: Do I need to include ports 80 or 443 in order to run a scan?

A: There is no need to include either ports 80 or 443. For example, your web application can run on 8080, and simply including that, and disabling scanning common ports will allow proper scanning of the application.