Creating Your First Scan

Detailed guide on setting up and configuring your first security scan in WebSecurityScore.

Overview

This guide walks you through creating and configuring your first security scan.

Prerequisites

  • Active WebSecurityScore account
  • Website URL you want to scan
  • Permission to scan the website (you must own it or have authorization)

Creating a Scan

1. Navigate to Scans

From your dashboard, click “Scans” in the left sidebar, then click “New Scan”.

2. Enter Website Details

Website URL

  • Enter the full URL including protocol (https://)
  • Example: https://example.com

Scan Name (optional)

  • Give your scan a descriptive name
  • Example: “Production Website” or “Staging Environment”

3. Configure Scan Settings

Scan Type

  • Quick Scan: Fast scan covering common vulnerabilities (5-10 minutes)
  • Standard Scan: Comprehensive scan of all pages (15-30 minutes)
  • Deep Scan: Thorough scan including authenticated areas (30-60 minutes)

Scan Frequency

  • On-Demand: Manual scans only
  • Daily: Automatic daily scans at 2 AM UTC
  • Weekly: Scans every Monday at 2 AM UTC
  • Monthly: First day of each month

Authentication (optional) If your site requires login:

  • Enable “Authenticated Scanning”
  • Provide login credentials
  • Specify login URL and form fields

4. Advanced Options

Scan Depth

  • Maximum pages to scan (default: 100)
  • Increase for larger sites

Excluded Paths

  • URLs to skip during scanning
  • Example: /admin/delete, /logout

Custom Headers

  • Add custom HTTP headers if needed
  • Example: API keys, custom authentication

5. Start the Scan

Click “Start Scan” to begin. You’ll see:

  • Real-time progress indicator
  • Pages scanned count
  • Estimated time remaining

During the Scan

What Happens

The scanner will:

  1. Crawl your website to discover pages
  2. Test for common vulnerabilities
  3. Check security headers and configurations
  4. Analyze SSL/TLS certificates
  5. Test for OWASP Top 10 vulnerabilities

Monitoring Progress

  • View live scan progress in the dashboard
  • Receive notifications when complete
  • Cancel scan anytime if needed

After the Scan

Scan Complete Notification

You’ll receive:

  • Email notification with summary
  • In-app notification
  • Webhook notification (if configured)

Viewing Results

Click “View Results” to see:

  • Overall security score
  • Vulnerability breakdown
  • Detailed findings
  • Remediation recommendations

Scan Limits

Different plans have different limits:

PlanScans/MonthPages/ScanScan Types
Free1050Quick only
Starter100100Quick, Standard
Professional500500All types
EnterpriseUnlimitedUnlimitedAll types

Best Practices

Scan Staging First

Always test on staging environments before scanning production.

Schedule Off-Peak Scans

Schedule automatic scans during low-traffic periods to minimize impact.

Use Authentication Carefully

Store credentials securely and use test accounts when possible.

Review Exclusions

Exclude destructive actions like delete, logout, or payment endpoints.

Troubleshooting

Scan Failed

Possible causes:

  • Website is down or unreachable
  • Firewall blocking our scanner
  • Invalid authentication credentials

Solutions:

  • Verify website is accessible
  • Whitelist our IP addresses
  • Check authentication settings

Scan Taking Too Long

Possible causes:

  • Large website with many pages
  • Slow server response times
  • Deep scan selected

Solutions:

  • Reduce scan depth
  • Use Quick Scan for faster results
  • Exclude unnecessary paths

No Vulnerabilities Found

This is good! But verify:

  • Scan completed successfully
  • All important pages were scanned
  • Authentication worked (if needed)

Next Steps

Need Help?

Contact our support team:

Was this article helpful?

Ready to get started?

Start your free trial today. No credit card required.

Start Free Trial