What is a FQDN?

Fully Qualified Domain Name (FQDN) in eBuilder Security’s Vulnerability Scanning Service is a website or web application that you would like to scan for security vulnerabilities. In general, a FQDN is required for each web application and for each domain. For Vulnerability Scanning purposes, the following rules apply:

  • localhost and consume 1 FQDN
  • example.com and www.example.com count as 1 FQDN
  • https and http count as 1 FQDN
  • Subdomains are different FQDNs, e.g. www.example.com and www2.example.com consume 2 FQDNs
  • Different URLs in the same domain count as 1 FQDN, e.g. www.example.com and www.example.com/blog/ consume 1 FQDN
  • Different ports for the same address count as 1 FQDN, e.g. www.example.com:8080 and www.example.com:8888 consume 1 FQDN
  • Acunetix test sites (vulnweb.com) do not consume any FQDNs
  • There is an upper limit to the number of targets you can create, irrespective of how many variations are created following the above rules; this limit is equal to 5 times the number of FQDNs purchased