Docs GitHub
-- --
Theme:
Language:
EN فا

HTTP Settings#

💡 Tip: You can change these settings directly in the bgscan application instead of editing the TOML file manually.

Navigate to SettingsHTTP Settings in the main menu to configure these options interactively using the TUI inspector.

Configuration file: settings/http_settings.toml

This file controls the HTTP/HTTPS/HTTP3 probe configuration, including target host, port, protocol, TLS settings, HTTP version, timeout, and accepted status codes.

Workers#

workers = 50

The number of concurrent workers performing HTTP requests. Higher values increase scan speed at the cost of greater CPU and network utilization.

Recommended values:

  • 10-50 for limited resources
  • 50-100 for typical use
  • 100-200 for high-performance scanning

Host#

host = "example.com"

The target host or URL path used for the HTTP request. This value can be either a plain host (example.com) or include a path (example.com/path). If a path is provided, it will be used in the request URL. The Host header will always use only the domain part.


Port#

port = 443

The target port for the HTTP/HTTPS connection. Common values are 80 for HTTP and 443 for HTTPS.

Recommended values:

  • 80 for HTTP
  • 443 for HTTPS
  • Other ports for non-standard services

Protocol#

protocol = "https"

The application protocol to use for the scan. Supported values are "http" or "https".


TLS Validation#

tls_validation = true

Enables strict TLS certificate validation when using HTTPS. When true, certificates must be valid and trusted by the system. When false, invalid, expired, or self-signed certificates are accepted.

Recommended:

  • true for production scans
  • false for testing or internal services with self-signed certs

HTTP Version#

version = "h1,h2"

The HTTP version to use for the scan. Supported values:

  • "h1" - HTTP/1.1 only
  • "h2" - HTTP/2 only
  • "h1,h2" - HTTP/1.1 and HTTP/2 negotiated via ALPN (default)
  • "h3" - HTTP/3 only (QUIC + TLS 1.3, ignores min/max_tls_version)

Timeout#

timeout = 4000

Maximum duration in milliseconds to wait for an HTTP response. Requests failing to complete within this window are considered failed.

Recommended values:

  • 2000-5000 for reliable networks
  • 5000-10000 for unreliable or distant networks

Prefix Output#

prefix_output = "http_"

The filename prefix applied to all output files generated by this module. Useful for distinguishing results when running multiple scans simultaneously.


TLS Floor/Ceiling#

min_tls_version = "tls1.1"
max_tls_version = "tls1.3"

The minimum and maximum TLS version allowed for HTTPS connections. Connections attempting to negotiate a lower version than min_tls_version will be rejected. Connections attempting to negotiate a higher version than max_tls_version will be limited to that version.

Supported values: tls1.0, tls1.1, tls1.2, tls1.3

Note: These settings are ignored when version = "h3" (HTTP/3) because HTTP/3 requires TLS 1.3.


Server Name Indication (SNI)#

server_name = ""

Optional TLS Server Name Indication (SNI) override. If set, this value will be used as the TLS server name during the handshake. If empty, the domain extracted from the host field is used automatically.


Accepted Status Codes#

accepted_status_codes = []

List of HTTP status codes considered successful by the scanner. Responses with a status code in this list are treated as valid results. Any status code not listed is considered a failed result.

Note: By default, all official HTTP status codes are accepted (empty list means no filtering).

Example:

accepted_status_codes = [200, 204, 301, 302, 307, 308]

This would consider only 200, 204, 301, 302, 307, and 308 as successful.