OpenVAS

Vulnerability scanner crawler identifying security weaknesses

About this crawler

OpenVAS is a web crawler identified by the regular-expression pattern OpenVAS in the User-Agent request header. It is categorised as scanner. Use the regex above to detect, log, allow, or block OpenVAS traffic in your web server, CDN edge rules, or robots.txt.

Block-rate · top 25k sites

0.33%

latest snapshot
2026-06-04
matched key: OpenVAS

Technical details

Name: OpenVAS
Pattern: OpenVAS
Tags: scanner
Reference: https://openvas.org/
Added: 2026/04/17
rDNS suffixes: .openvas.org
Instances: 1 known sample(s)

rDNS verification (FCrDNS)

Verify a request is genuinely OpenVAS with forward-confirmed reverse DNS: the client IP's PTR record must end in one of the suffixes below and a forward A/AAAA lookup of that hostname must return the same IP. UA strings alone are spoofable; FCrDNS is not.

.openvas.org

Sample User-Agent strings

Mozilla/5.0 [en] (X11, U; OpenVAS)

Block this crawler

robots.txt — disallow OpenVAS:

User-agent: OpenVAS Disallow: /

Apache .htaccess — return 403:

RewriteEngine On RewriteCond %{HTTP_USER_AGENT} OpenVAS [NC] RewriteRule .* - [F,L]

Nginx — return 403 inside a server block:

if ($http_user_agent ~* "OpenVAS") { return 403; }

← back to all crawlers