When doing automated web vulnerability scans you might need to exclude a part of a web application from the scan. For example you do not want Netsparker Desktop or Netsparker Cloud to scan the contact form or guest book page on your production website.
Below are five different methods which you can use to exclude parts of your website from an automated web application security scan:
If you are new to Netsparker please read Before Using Netsparker.
NOTE: When a part of a web application is excluded from a web security scan it means that the Netsparker web vulnerability scanner WILL NOT SCAN that part of the web application for vulnerabilities. Therefore we suggest you to test any exclusion rules in doing this in your testing environment first so you are sure which parts of the web applications will be scanned.