What is scan root?
Scan root is the path to the starting point of the web application relative to the base Web Application URL. Together these values define the URL that the scanner will open to begin crawling your site. Scan root may be a web path or a web page (or both). For example, if your web application is accessed at http:///www.trendmicro.com/csr/index, then the base Web Application URL is http://www.trendmicro.com/ and the scan root should be /csr/index. By default, the path begins with a slash (/) (Ex: /directory). All sub-directories of the path you specified will be included.
If you do not specify a "scan root" directory or file, the scanner will begin crawling your web application by opening the base Web Application URL.
What is restrict path?
Restrict path is the path in your web application which the scanner will restrict when scanning your site. It is specified relative to the base Web Application URL. The scanner will follow links that fall on the specified path.
To configure:
- Log in to the Deep Security for Web Apps console.
- Go to Administration > Web Applications.
- Select the web application you want to configure.
- Go to Application Scanner Settings to configure web application scanning. Go to Malware Detection Settings for malware scanning.
- Specify the scan root or restrict path settings.
- Under Web Application Scope, you can specify the file or directory path you want to exclude in scanning.