
Exclusions

Exclude specific paths, hosts, or actions from penetration testing.

Exclusions let you define what the agent should avoid during a test, giving you fine-grained control over the testing scope.

Path exclusions

Exclude specific URL paths or patterns:

/admin/*
/api/v1/payments/*
/api/v1/users/*/delete

The agent will not send any requests to excluded paths.

Host exclusions

Exclude entire hosts or subdomains:

payments.example.com
internal.example.com

Method exclusions

Restrict specific HTTP methods:

  • Block DELETE requests to prevent data removal
  • Block PUT/PATCH to prevent data modification
  • Allow only GET and POST for read-heavy testing

Configuring exclusions

  1. When creating a new test, expand the Scope section
  2. Add exclusion rules under Exclusions
  3. Use glob patterns for flexible path matching

Exclusions are enforced at the agent level — the agent validates every request against your exclusion rules before executing.
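
A pre-request check of the kind described above, as an added sketch in Python; it is not the product's own implementation. It uses the path, host and method examples from this page, and assumes that `*` may span `/`, that a rule ending in `/*` also covers the bare prefix, and that a host rule covers its subdomains. Paths are decoded and normalized before matching so that `..` segments or percent-encoding cannot slip past a rule.

```python
from fnmatch import fnmatchcase
from posixpath import normpath
from urllib.parse import unquote, urlsplit

# Rules taken from the examples on this page.
EXCLUDED_PATHS = ["/admin/*", "/api/v1/payments/*", "/api/v1/users/*/delete"]
EXCLUDED_HOSTS = ["payments.example.com", "internal.example.com"]
BLOCKED_METHODS = {"DELETE", "PUT", "PATCH"}


def canonical_path(raw_path: str) -> str:
    """Decode percent-escapes once, then collapse '.', '..' and repeated '/'."""
    return normpath("/" + unquote(raw_path).lstrip("/"))


def path_matches(path: str, rule: str) -> bool:
    # Assumption: '*' may span '/', the reading that excludes more rather than less.
    if fnmatchcase(path, rule):
        return True
    # Assumption: "/admin/*" also covers "/admin" itself.
    return rule.endswith("/*") and path == rule[:-2]


def is_excluded(method: str, url: str) -> tuple[bool, str]:
    """Return (excluded, reason) for one outgoing request."""
    if method.upper() in BLOCKED_METHODS:
        return True, f"method {method.upper()}"
    parts = urlsplit(url)
    # urlsplit lowercases the hostname; also drop a trailing root dot.
    host = (parts.hostname or "").rstrip(".")
    for rule in EXCLUDED_HOSTS:
        # Assumption: a host rule also covers its subdomains.
        if host == rule or host.endswith("." + rule):
            return True, f"host {rule}"
    path = canonical_path(parts.path)
    for rule in EXCLUDED_PATHS:
        if path_matches(path, rule):
            return True, f"path {rule}"
    return False, "in scope"
```

The check fails toward exclusion: where a rule is ambiguous, the request is treated as out of scope.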