Troubleshooting tips

You can troubleshoot most scan problems by viewing the QIDs in the scan results. Go to Scans > Scan List, click the scan you want to troubleshoot, then click the View Report button in the preview pane.

What should I do if authentication fails?

See if the scan used the correct authentication record(s). When you open QID 150008 Web Application Authentication Failed. You’ll find the authentication record(s) in the Results section. If a Selenium script was used for authentication, open QID 150095 to see the Selenium script. Tell me more about Selenium Scripts

How can tell if the scan found the correct login form?

View the scan results report. In the details of QID 150008 you'll see the URI where our service attempted to log in. Check your web application to see if this is the correct URI for the login form.

1) Go to the web application login form page in your browser.

2) Right click the login inputs form (generally the username and password fields) and choose"View Source".

3) Search for the keyword "<form"

4) If you see more than one result, see if <input type="password" is close by or between the opening <form and closing </form> tags that you found.

6) In that form look for the action keyword. A typical form would look like this:

7) See if the URI our service POSTed to (/fo/user_login.php in our example) matches the URI you see in the QID 150008.

What can I do about the No Hosts Alive status?

1) Verify in a browser that the IP address or FQDN and the provided port loads the web application.

2) Verify that the web application, as defined in your account, has the correct IP/FQDN and port.

5) Check with the network administrator to ensure that the web application has the necessary access (IP address and port) from outside (if using the External scanners) or from the IP address assigned to the Scanner Appliance (if using a scanner appliance).

Tell me about QID 150018 Connection Error Occurred During Scan

One of two things happened if your scan results report QID 150018 Connection Error Occurred During Scan. Either 1) your scan didn’t reach the maximum number of connection errors/timeouts and the scan was able to finish properly, or 2) your scan reached the maximum number of connection errors/timeouts and therefore did not finish the whole scan as expected. What can I do about it?

Tell me about QID 150024 Web Application Scan Time Limit Reached?

- Slow network connections, such as scanning across a WAN link, can increase the time it takes to make each request.

- Web application contains a lot of parameters (URIs and forms). The number of parameters directly affects the number of tests to be performed and, in turn, increases the overall scan time.

How can I find out where the scan stopped?

When a scan times out, you can determine where it stopped by reviewing QID 150021 Scan Diagnostics. Learn more

How can I reduce the overall scan time?

This is the recommended solution by far because it does not rely on omitting links from the scan. The rule of thumb on how to select QIDs efficiently is to determine where the scan stopped, then create an option profile containing only the missing QIDs for the next scan. If the scan times out again, create more option profiles each with only one or two vulnerability-related QIDs.

Crawling fewer links reduces the number of requests that must be made for crawling and performing tests. Selecting too few links to crawl may cause the scanner to miss portions of the web application. Links that are not crawled are links that are not tested.

By doing this you prevent all the tests against forms, which gains time. But any vulnerability in a form will go undetected.

This measure can reduce scan time by reducing links crawled. But remember that links that are not crawled are also not tested for vulnerabilities.

Why did my scan crawl only one link?

- Open QID 150009 Links Crawled and copy the URL into your browser to see if it's the starting URL of your site. If not you just need to edit the web application and update the Starting URL setting.

- Check your web application settings to be sure the starting URL is not added to the exclude list.

Scan troubleshooting tips

Recommended first steps