The time required for web scanning with Acunetix Web Vulnerability Scanner (WVS) varies depending on the size and complexity of the target website, the response time of the web server, the type of scan you are running (Quick, Heuristic or Extensive) and the scanning profile used. Therefore, web scanning may vary from a few minutes to several hours.

During web scanning, Acunetix WVS will send thousands (sometimes even hundreds of thousands) of HTTP requests to the target website. If Acunetix WVS sends 20,000 HTTP requests to a website, and the average response time of the web server is 1000ms (1 second), then web scanning will take around 20,000 seconds to complete, or about 5 and a half hours.  A typical good web server response time is about 200ms. Server response time can vary depending on the speed of your internet connection and also on the performance of the server.

To help you shorten the web scanning duration, you can also increase the number of parallel HTTP requests that Acunetix WVS sends to the target server. These can be increased by navigating to the Tools Explorer> Configuration > Scan Settings > HTTP Options > HTTP General node.

The default number of parallel connections is 10, while the maximum can be set to 25. Please note that increasing the number of parallel HTTP requests can also result in flooding or overloading the web server with HTTP requests, which can exponentially increase the response time from the web server. Therefore, before making such changes ensure that the target web server can handle the increase in load.



Acunetix developers and tech agents regularly contribute to the blog. All the Acunetix developers come with years of experience in the web security sphere.