Skip to main content
All CollectionsExternal vulnerability scanningFAQs
My servers are load balanced. What do I do?
My servers are load balanced. What do I do?

Whether your systems are load balanced via hardware or software, this article discusses best practise for scanning them.

Daniel Andrew avatar
Written by Daniel Andrew
Updated over a week ago

Typically, systems that sit behind a load balancer, will not be exposed to the internet (they may be firewalled off from the internet, or sit on an internal network not accessible to Intruder's scanners). In this case, Intruder won't be able to scan the individual servers that the load balancer proxies traffic for.

However, if your load balanced systems have at least one port/service exposed to the internet, then we recommend adding them as targets, per this article.

If you're not sure how many of your systems are exposed, simply add all of them to Intruder and Smart Recon will tell you which are active and which are unresponsive. (FYI: you only pay to scan active targets.) For those on our Pro and Vanguard plans, we take it one step further and display the hostname and the IP address it resolves to; open ports, protocols and services as well as service information, such as software version numbers – all of which can be found in Network View.

Should I add the IP address of domain name?

We recommend scanning via a domain name rather than an IP as the server responds differently. With a domain name there is more attack area to test, meaning we might find more – though, that does not necessarily mean that we won't find anything when targeting an IP, it just might yield less; furthermore, it is sometimes still useful for peace of mind.

My targets are hosted in GCP, Azure or AWS

If your targets are hosted in one of the three cloud platform mentioned above, we recommend trying out our cloud integration, as it may uncover some additional assets that you didn't know about.

Did this answer your question?