What is a FQDN?
Fully Qualified Domain Name (FQDN) in eBuilder Security’s Vulnerability Scanning Service is a website or web application that you would like to scan for security vulnerabilities. In general, a FQDN is required for each web application and for each domain. For Vulnerability Scanning purposes, the following rules apply:
- localhost and 127.0.0.1 consume 1 FQDN
- example.com and www.example.com count as 1 FQDN
- https and http count as 1 FQDN
- Subdomains are different FQDNs, e.g. www.example.com and www2.example.com consume 2 FQDNs
- Different URLs in the same domain count as 1 FQDN, e.g. www.example.com and www.example.com/blog/ consume 1 FQDN
- Different ports for the same address count as 1 FQDN, e.g. www.example.com:8080 and www.example.com:8888 consume 1 FQDN
- Acunetix test sites (vulnweb.com) do not consume any FQDNs
- There is an upper limit to the number of targets you can create, irrespective of how many variations are created following the above rules; this limit is equal to 5 times the number of FQDNs purchased