When a scan is run targeting a hostname, by default AppCheck resolves the hostname to an IP address using public DNS.

There may be times when you cannot or do not wish to use the IP address returned by public DNS. In such situations there are two possible solutions:

1. Use a Private Scan Hub With A Hosts File
2. Specify Address Mappings In Scan Configurations

Use a Private Scan Hub With Host Entries

If you have purchased an AppCheck Private Scan Hub you can configure its equivalent of a hosts file via the interface within the main AppCheck Dashboard (not the Scan Hub's local dashboard):

1. Scan Hubs
   1. [your private scan hub]
      1. Host Entries

Example

Specify Address Mappings in Scan Configurations

You can specify hostname/IP address mappings in individual scan configurations, which will be used instead of any entries in public DNS or private scan hubs' hosts files.

Adding a custom mapping to a scan configuration is done in the following location:

1. Scan Settings
   1. Advanced Config Settings
      1. Config Flags

You will need to add a line of JSON, in this format:

DNS:{"example.com": "203.0.113.69"}

There should only be one line, but it can contain multiple hostname/IP address pairs, eg

DNS:{"example.com": "203.0.113.69", "www.example.com": "203.0.113.69", "api.example.com": "203.0.113.45"}

Remember to include mappings for subdomains when required, as they will not automatically use the mapping provided for the parent domain.