Security Settings

In the Security Settings window, you can enable, add and set security measures while scanning. You can also make user sessions IP restricted, prevent internal scanning, enable localhost scanning, and add new authorized IP addresses.

Security Settings is available in the Netsparker Enterprise On-Premises Edition only.

For further information, see Overview of Settings in Netsparker Enterprise and Netsparker Editions.

Security Settings Fields

This table lists and explains the fields in the Security Settings window.

| Field | Description |
| --- | --- |
| IP Restricted Sessions | Enable this option to restrict sessions' access to Netsparker to the IP addresses listed. The same cookie cannot be used to access Netsparker from a different email address. |
| Prevent Internal Scanning | Enable this option to prevent Netsparker from scanning internal IP address blocks. |
| Enable Localhost Scanning | Enable this option to allow Netsparker to scan localhost. For example, if your website is already built on localhost:95, enable this option so that it can be scanned. |
| AUTHORIZED IP ADDRESSES | This is a list of IP addresses that have been specifically authorized to access Netsparker. If you want to serve the application behind a load balancer, you must add its IP address to this list. Otherwise, IP Based Cookies will not work. |
| NAME | This is the name of the IP address. |
| REGEX PATTERN | This is the regex pattern of the IP address. |

How to Enable Security Settings

  1. From the main menu, click Settings, then Security. The Security Settings window is displayed.
  2. Enable the IP Restricted Sessions checkbox.
  3. Enable the Prevent Internal Scanning checkbox.
  4. Enable the Enable Localhost Scanning checkbox.
  5. Click Save.

How to Add an Authorized IP Address

  1. From the main menu, click Settings, then Security. The Security Settings window is displayed.
  2. In the Authorized IP Addresses panel, click New.
  3. Complete the Authorized IP Addresses, Name and Regex Pattern fields.
  4. Click Save.
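
Before saving a Regex Pattern, it helps to check which addresses it matches beyond the one you mean to authorize. The script below is an added example, not Netsparker code: it audits a candidate pattern against an intended address and a constructed set of nearby addresses. This page does not say how Netsparker applies the pattern or which regex flavour it uses, so the script assumes Python's `re` syntax and unanchored matching (the worst case); `probes_for` and `audit_pattern` are hypothetical helper names.

```python
import ipaddress
import re


def probes_for(addr):
    """Constructed probe set: the surrounding /24 plus addresses made by
    adding one digit before the first octet or after the last octet."""
    first, *mid, last = addr.split(".")
    cands = {str(a) for a in ipaddress.ip_network(addr + "/24", strict=False)}
    for d in "0123456789":
        cands.add(".".join([d + first, *mid, last]))
        cands.add(".".join([first, *mid, last + d]))
    valid = set()
    for c in cands:
        try:
            valid.add(str(ipaddress.ip_address(c)))  # drops octets > 255
        except ValueError:
            pass
    return valid


def audit_pattern(pattern, intended):
    """Return (missed, extra) for a candidate allowlist regex.

    missed: intended addresses the pattern does not match.
    extra:  probe addresses outside the intended set that it does match.
    Assumption: the pattern is applied unanchored (re.search), the worst case.
    """
    rx = re.compile(pattern)
    wanted = {str(ipaddress.ip_address(a)) for a in intended}
    probes = set().union(*(probes_for(a) for a in wanted))
    missed = sorted(a for a in wanted if not rx.search(a))
    extra = sorted(p for p in probes - wanted if rx.search(p))
    return missed, extra


if __name__ == "__main__":
    # Constructed sample: one authorized address, two candidate patterns.
    for pat in (r"10.0.0.5", r"^10\.0\.0\.5$"):
        missed, extra = audit_pattern(pat, ["10.0.0.5"])
        print(f"{pat!r}: missed={missed} extra={extra}")
```

A pattern is ready to save when both lists come back empty; anything in `extra` is an address that would be authorized unintentionally under the stated assumption.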

How to Delete an Authorized IP Address

  1. From the main menu, click Settings, then Security. The Security Settings window is displayed.
  2. In the Authorized IP Addresses panel, click the Delete button next to the relevant IP address.
  3. Click Save.