Modern bot protection systems — including Cloudflare, AWS WAF, and similar platforms — can challenge or block automated traffic, including legitimate compliance scanners. The Secure Privacy scanner needs reliable, uninterrupted access to your website to detect consent banners, cookies, trackers, and privacy signals accurately. The recommended approach is to create an IP-based allowlist using the scanner IP addresses provided by Secure Privacy.
Who Is This For?
Website administrators and DevOps teams managing firewall, CDN, or WAF rules that may block automated traffic
Compliance teams troubleshooting failed or incomplete Secure Privacy scans caused by bot protection challenges
Security teams configuring allowlist rules for the Secure Privacy scanner IP addresses
How It Works
What you configure: An allowlist rule in your firewall, CDN, or WAF that permits the Secure Privacy scanner's IP addresses to bypass bot challenges and strict rate limits.
What Secure Privacy provides: A current list of scanner IP addresses — available on request by emailing [email protected].
Quick Start: Allow the Secure Privacy Scanner in 3 Steps
-
Request the scanner IP list. Email [email protected] with the subject line "Scanner IP allowlist". Include your domain(s) and environments — for example, production and staging.
-
Create an allow rule. In your firewall, CDN, or WAF, create a rule that allows or bypasses bot protection for the provided scanner source IPs.
-
Verify the scan. Run a scan from your Secure Privacy dashboard — or ask support to trigger one — and confirm that no challenges or blocks occur.
Tip: Place the allowlist rule near the top of your rule set so it takes precedence over generic bot protection and rate-limit policies.
Frequently Asked Questions
Why do I need to allowlist the Secure Privacy scanner?
Bot protection systems cannot distinguish between malicious crawlers and legitimate compliance scanners. Allowlisting the Secure Privacy scanner's IP addresses ensures accurate privacy and compliance scanning without triggering human verification challenges or false blocks that would produce incomplete scan results.
How do I get the current scanner IP addresses?
Email [email protected] with the subject "Scanner IP allowlist". The support team will provide the up-to-date IP list and can notify you of any future changes upon request.
Do the scanner IP addresses change?
Rarely, but yes — the scanner IPs can change. If your scans begin failing or returning incomplete results, re-request the current IP list from support and update your allowlist rule accordingly.
Will allowlisting the scanner IPs weaken my site security?
No. You are only granting access to a specific, known set of IP addresses — not opening your site to general automated traffic. Keep the allowlist rule narrowly scoped to the provided IPs and maintain all existing bot protection and security policies for all other traffic.
Need Help?
Contact the Secure Privacy support team at [email protected] — we are happy to assist with IP requests, rule configuration guidance, or troubleshooting failed scans.