When performing CGI scans, Tenable recommends several strategies:
- By default, Nessus will only mirror 200 pages for a scanned site. If your site has more pages than this, you should increase this value to a relative amount.
- Plugin #29871 is dependent on the webmirror.nasl script so this plugin (#10662) should either be enabled, or the test should be performed with dependencies enabled at runtime.
- If you are scanning web servers that run on ports other than 80 or 443, be sure to include these in your scan policy.