Scanfully scans your site from the outside, the same way an unauthenticated visitor would experience it. Both Broken Links and Broken Media checks rely on what can be discovered during an initial page load.
Scanfully does not log in, does not execute user-specific actions, and does not access your WordPress database or internal APIs.
Content That Is Not Scanned
Some links and media may not appear in your reports because they are not accessible during an external scan.
This includes links or media that:
• Only appear after user interaction, such as clicks or form submissions
• Require authentication or user-specific permissions
• Are injected dynamically by JavaScript after the initial page load
• Are conditionally loaded based on cookies, location, or user state
If a browser cannot discover the resource on first load, Scanfully cannot evaluate it.
Access Restrictions and Firewalls
If your site uses firewalls, geo-blocking, bot protection, or IP allowlists, Scanfully may be blocked from accessing certain pages, links, or media. You can add our IP address to allow us access.
When this happens, affected links or media may appear as broken even if they work for some visitors. Scanfully reports what it can reach, not what might work under different conditions.
What Scanfully Does Not Interpret
Scanfully reports delivery behavior, not intent.
It does not decide whether a broken link was intentional. It does not assume a missing media file is acceptable. If a link or resource fails to load, it is reported.
This applies equally to Broken Links and Broken Media.
Why These Limits Exist
These limits are intentional. By scanning from the outside, Scanfully avoids adding load to your WordPress site, avoids storing content internally, and reports what real visitors experience.
This keeps results accurate, fast, and actionable across both Broken Links and Broken Media scans.
