My websites are hosted behind Cloudflare. Will Intruder still work?

This article explains how to set up Intruder to correctly scan web servers that are hosted behind Cloudflare.

Yes, absolutely.

But it's important that you set up your targets in Intruder's portal in the right way to ensure that our scanning engines can correctly reach the intended target (website and/or the underlying server).

What do I add as a target?

👉 I only want to scan the website / web-application

All you need to do is add the domain.

👉 I want to scan the underlying server

You will need to add the IP address of the server.

👉 I want to scan both the website and underlying server

You would need to add both the domain name and the IP address. This will require two licenses.

How do I avoid scan interference?

Does this affect my network view?

Cloudflare can sometimes interfere with network view – which is where we show you which ports and services you have open to the internet – and so we've outlined the expected behaviour below.

Domains behind Cloudflare

Whenever you scan a domain, the scanner will automatically look for the IP address that it resolves to. This IP address will belong to the CDN if there is one in place.

You'll notice in your Network view that we flag CDNs and comment "we are limiting results for this target as it is part of a CDN". If we didn't, your portal would be populated with the network findings of the CDN and not your own environment, which isn't of interest to you (and could get confusing).
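To see in advance which of your targets will resolve to Cloudflare rather than to your own server, the resolution step described above can be reproduced locally. The following is an added example, not Intruder's code: the function names are hypothetical, the range list is a subset of Cloudflare's published IPv4 ranges (refresh it from https://www.cloudflare.com/ips/), and the hostnames and addresses in the demo are constructed.

```python
import ipaddress
import socket

# Subset of Cloudflare's published IPv4 ranges. Assumption: the list changes
# over time, so refresh it from https://www.cloudflare.com/ips/ before use.
CLOUDFLARE_V4 = [ipaddress.ip_network(n) for n in (
    "104.16.0.0/13", "172.64.0.0/13", "162.158.0.0/15", "173.245.48.0/20",
    "198.41.128.0/17", "141.101.64.0/18", "108.162.192.0/18",
)]

def system_resolver(hostname):
    """Return the IPv4 addresses a hostname currently resolves to."""
    infos = socket.getaddrinfo(hostname, None, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def is_cloudflare(ip):
    """True if the address falls inside one of the listed Cloudflare ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in CLOUDFLARE_V4)

def classify_target(target, resolve=system_resolver):
    """Describe what a scan of `target` (domain or IP) would reach."""
    try:
        ipaddress.ip_address(target)
        kind, addresses = "ip", [target]      # IP targets are contacted directly
    except ValueError:
        kind = "domain"                       # domains are resolved first
        try:
            addresses = resolve(target)
        except OSError:                       # includes socket.gaierror
            addresses = []
    return {
        "target": target,
        "kind": kind,
        "addresses": addresses,
        "resolved": bool(addresses),
        # A domain that resolves to the CDN shows the CDN's ports, not yours.
        "behind_cdn": any(is_cloudflare(a) for a in addresses),
    }

if __name__ == "__main__":
    # Constructed DNS answers so the demo runs offline.
    fake_dns = {"www.example.com": ["104.18.0.10"], "vpn.example.com": ["203.0.113.20"]}
    for t in ("www.example.com", "vpn.example.com", "203.0.113.20"):
        print(classify_target(t, resolve=lambda h: fake_dns[h]))
```

A domain reported with `behind_cdn` set is one where the network results will be the CDN's; to see the server's own open ports, its IP address has to be added as a separate target.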


IP addresses behind Cloudflare

If you add the IP address, the scanner will reach out to that IP address directly and report any open ports as normal.

