HTTP Settings#
💡 Tip: You can change these settings directly in the bgscan application instead of editing the TOML file manually.
Navigate to Settings → HTTP Settings in the main menu to configure these options interactively using the TUI inspector.
Configuration file: settings/http_settings.toml
This file controls the HTTP/HTTPS/HTTP3 probe configuration, including target host, port, protocol, TLS settings, HTTP version, timeout, and accepted status codes.
Workers#
workers = 50The number of concurrent workers performing HTTP requests. Higher values increase scan speed at the cost of greater CPU and network utilization.
Recommended values:
10-50for limited resources50-100for typical use100-200for high-performance scanning
Host#
host = "example.com"The target host or URL path used for the HTTP request. This value can be either a plain host (example.com) or include a path (example.com/path). If a path is provided, it will be used in the request URL. The Host header will always use only the domain part.
Port#
port = 443The target port for the HTTP/HTTPS connection. Common values are 80 for HTTP and 443 for HTTPS.
Recommended values:
80for HTTP443for HTTPS- Other ports for non-standard services
Protocol#
protocol = "https"The application protocol to use for the scan.
Supported values are "http" or "https".
TLS Validation#
tls_validation = trueEnables strict TLS certificate validation when using HTTPS.
When true, certificates must be valid and trusted by the system.
When false, invalid, expired, or self-signed certificates are accepted.
Recommended:
truefor production scansfalsefor testing or internal services with self-signed certs
HTTP Version#
version = "h1,h2"The HTTP version to use for the scan. Supported values:
"h1"- HTTP/1.1 only"h2"- HTTP/2 only"h1,h2"- HTTP/1.1 and HTTP/2 negotiated via ALPN (default)"h3"- HTTP/3 only (QUIC + TLS 1.3, ignores min/max_tls_version)
Timeout#
timeout = 4000Maximum duration in milliseconds to wait for an HTTP response. Requests failing to complete within this window are considered failed.
Recommended values:
2000-5000for reliable networks5000-10000for unreliable or distant networks
Prefix Output#
prefix_output = "http_"The filename prefix applied to all output files generated by this module. Useful for distinguishing results when running multiple scans simultaneously.
TLS Floor/Ceiling#
min_tls_version = "tls1.1"
max_tls_version = "tls1.3"The minimum and maximum TLS version allowed for HTTPS connections.
Connections attempting to negotiate a lower version than min_tls_version will be rejected.
Connections attempting to negotiate a higher version than max_tls_version will be limited to that version.
Supported values: tls1.0, tls1.1, tls1.2, tls1.3
Note: These settings are ignored when version = "h3" (HTTP/3) because HTTP/3 requires TLS 1.3.
Server Name Indication (SNI)#
server_name = ""Optional TLS Server Name Indication (SNI) override.
If set, this value will be used as the TLS server name during the handshake.
If empty, the domain extracted from the host field is used automatically.
Accepted Status Codes#
accepted_status_codes = []List of HTTP status codes considered successful by the scanner. Responses with a status code in this list are treated as valid results. Any status code not listed is considered a failed result.
Note: By default, all official HTTP status codes are accepted (empty list means no filtering).
Example:
accepted_status_codes = [200, 204, 301, 302, 307, 308]This would consider only 200, 204, 301, 302, 307, and 308 as successful.
Related Files#
general_settings.toml— Global scan control and pipeline modeicmp_settings.toml— ICMP scan configurationtcp_settings.toml— TCP port scan configurationdns_settings.toml— DNS scan configurationxray_settings.toml— Xray outbound validationwriter_settings.toml— Result output configuration