Public-page-only limits

Before reducing selected pages

Public-page-only limits decide how much of an eligible public journey WebRiskOps may scan for the selected plan. The limit is not just a billing number; it protects the scan from drifting into private areas, unbounded crawls, unrelated domains or pages that are too broad to review meaningfully. Use this page after [Supported scopes](/docs/projects/supported-scopes) confirms the target is eligible, but before accepting scope. The selected pages should fit the plan page budget and still represent the customer journey you need checked.

Check plan limits in scan scope selection

Follow the path `Projects → Project detail → Scan scope selection → Selected scope → Scope acceptance`.

1. Open /projects and choose the project whose public journey you want scanned. Result: the project detail page shows Scan scope selection with a selected page count.
2. Read the Selected scope panel for Page budget, Crawl depth and Rate limit. Result: you know how many public pages the plan can scan and how deep the crawler can follow links.
3. Review each discovered URL group and its scan sample limit before selecting it. Result: broad groups such as products, articles or search pages do not silently consume the entire page budget.
4. Select only public same-domain pages that represent the journey you need checked. Result: the selected count stays at or below the plan page budget.
5. If the selected count exceeds the page budget, remove lower-priority groups or choose an eligible plan before acceptance. Result: the warning clears before billing, scanning or reporting starts.
6. Continue to Accepted scan scope when the selected public set fits the plan limits. Result: the approval record stores the exact page boundary the scanner must follow.

Decide which public pages stay selected

Choose representative public pages rather than every URL the crawler can discover.

• Keep public pages that prove the business journey: homepage, pricing, product detail, cart, public checkout information, contact, support, policies and visible lead forms.
• Reduce duplicate category, search, pagination, blog archive and product-grid pages when one representative page proves the same pattern.
• Exclude account dashboards, admin paths, password-protected pages, credential pages and payment completion screens even when they appear in links.
• Use manual URLs only when a missing public page belongs to the same accepted domain and still fits the page budget.
• Treat timeout and rate-limit values as scanner guardrails. If the journey needs more depth or pages, choose an eligible plan before accepting scope.

Blocked states

Do not accept scope while the selected set is over limit or includes unsafe pages.

• Plan limit reached means remove selected groups, remove manual URLs or choose an eligible plan before accepting scope.
• Private or login-required page means use [Unsupported targets](/docs/projects/unsupported-targets) and remove it from scope.
• Wrong domain means create or choose the correct project instead of expanding the current boundary.
• Manual URL rejected means check [Manual URLs and path rules](/docs/projects/manual-urls-and-path-rules) before adding it again.
• Too little coverage means select a more representative public group or plan, not a private page.

Continue to accepted scan scope

When the selected count is within budget and every selected page is public, same-domain and safe to render, continue to [Accepted scan scope](/docs/projects/accepted-scan-scope). That page records the exact plan-limited boundary used by live audits and reports.