Config Variables

The configuration files are formated like a standard Unix configuration file: blank lines are ignored, any line starting with a # is ignored, variables are set with VariableName=Value line.

CLIOPTS

Default options that should always be passed to the command line. For example:

CLIOPTS=-output results.txt -Format text

Default Setting

CLIOPTS=

NIKTODTD

Path to the location of the DTD used for XML output. If the path is not absolute then it will be relative to the directory where Nikto is executed.

Default Setting

NIKTODTD=docs/nikto.dtd

RFIURL

Full URL to an file for remote file inclusion. This file should contain a call to phpinfo(), as Nikto will look for the output of that command to determine that the RFI succeeded. You may use the default cirt.net file, but please keep in mind there must be connectivity from the target server to cirt.net, it's subject to cirt.net's availability, and successful requests will be logged (by Apache). We recommend you use your own.

Default Setting

RFIURL=http://cirt.net/rfiinc.txt?

SKIPPORTS

This configuration item defines ports that would never be scanned by Nikto.

Default Setting

SKIPPORTS=21 111

SKIPIDS

Contains a space separated list of Test IDs (tids) that Nikto will not run on the system, for example:

SKIPIDS=000045 000345

Note, this filter only applies to tests in the db_tests database