Some website security tools will stop connections from an IP address that it suspects of foul play. Your web host may provide this kind of security without you even knowing it. While generally this is a good thing, it makes our testing of the code in the website impossible. Our scanning can look like an attack and our scanner’s IP address will be blocked.

Does this mean your site is protected? Sorry, no. A real attacker will test (attack) your site from hundreds (or thousands) of different IPs to avoid this kind of security protection and will find vulnerabilities anyway. Because we work from just one IP address our scanner is very easy for these tools to spot and block. It’s not a valid test of your security.

The solution: Please ask your host to ‘white list’ our IPs. The list appears here: When this has been done ask our support to start scanning again.