When scanning a website or web application using Acunetix, your hosting provider may block your IP address, and as a result, you may not be able to access your own website. After you ask the hosting provider to remove the block, the site becomes available again. How can you configure or use Acunetix WVS in a way that reduces the possibility of an ISP blocking the IP address of the computer that accesses the site using test tools?
Why does this happen?
ISPs typically block repeated requests coming from a single IP address using an IDS (Intrusion Detection System). The ISP's IDS typically blocks an IP address automatically when too many requests come from that address in a short amount of time. This is done to protect the website or web application from a Denial of Service (DoS) attack.
How can I handle this?
Whenever you run a scan on third-party infrastructure, it is very important to co-ordinate with the ISP, hosting provider or cloud service on a ‘time-window’ when you can run your Acunetix scan without getting blocked. Alternatively, you can configure Acunetix to reduce the speed at which it makes its requests, which reduces the possibility of being caught by some IDS mechanisms. Keep in mind, however, that because Acunetix would be sending requests at a slower rate, the scan would require more time to complete.
Finally, be careful when running a scan against a live site because, if misconfigured, a scan could potentially be dangerous to the underlying data. The tests performed may attempt to inject spurious values into inputs found across the site. You can read more about why this might happen in the blog post Negative Impacts of Automated Vulnerability Scanners and How to Prevent them.