What do my Website Protection Site Scanner results mean?
NOTE:Some features in this article are only available in the full version of Site Scanner. For more information on how to upgrade, see Upgrading from Website Protection Malware Scanner to Website Protection Site Scanner.
Website Protection Site Scanner provides easy-to-read results for every daily scan. Your results display as "Pass" or "Fail" based on the total number and severity of issues on your website. There are four types of issues:
Issue Types
Informational — Low-risk issues. For example: Auto-complete is not disabled on password fields. These issues carry the least weight in your overall score.
Warning — Medium-risk issues. For example: The remote Web server might transmit credentials in cleartext, or The remote server is prone to Cross-Site Scripting (XSS) attacks. Site Scanner scores warning vulnerabilities based on the issue, and does not weigh them as heavily as critical issues.
Critical — High-risk issues. For example: A CGI application on the remote Web server is potentially prone to information disclosure or privilege escalation. Site Scanner scores critical issues based on the issue, and they carry the most weight in your overall score. You should correct critical issues immediately.
Malware — High-risk issues. For example: A URL has been identified as potentially suspicious in your site's content. If Site Scanner identifies malware issues, your site receives a "Fail" score. You should correct malware issues immediately. For more information about malware, see What should I do if Website Protection Site Scanner identifies malware on my site?
Site Scanner scores each issue individually, placing more weight on higher-risk or malware vulnerabilities. For example, your site can have several informational issues but still receive a "Pass" score. Alternately, only one critical issue might generate a "Fail" score.
