What not to do when changing a configuration file


We've had a couple of bugs raised after some people have upgraded Nikto 2.02 to Nikto 2.03 and kept the same configuration file.

To fix a bug there was a wee change to the configuration file with Nikto 2.03, but there was no extra check in the code to give the new setting a default value.

If you have problems with Nikto 2.03 failing to find web servers, check config.txt and ensure that the below line is present:


(This line defines which HTTP methods Nikto uses to check whether an HTTP server is listening).

Nikto 2.10 (currently in development) has a fix for similar situations, where default options can easily be defined for new configuration directives.