Configuring accessibility scan rules means selecting which Web Content Accessibility Guidelines (WCAG) success criteria your automated scans evaluate and at what conformance level. Most scanning tools ship with a default ruleset, but adjusting that ruleset gives you control over what gets flagged, what gets ignored, and how results align with your conformance target.
| Key Point | What It Means |
|---|---|
| Ruleset | A collection of individual rules mapped to WCAG success criteria that a scan evaluates against |
| Conformance Level | Most organizations target WCAG 2.1 AA or 2.2 AA, which determines which rules are active |
| Custom Rules | Some tools allow you to enable, disable, or weight individual rules within a ruleset |
| Scan Coverage | Scans detect approximately 25% of accessibility issues regardless of how rules are configured |
What Is a Scan Ruleset?
A ruleset is the full collection of checks a scan runs against each page. Each rule maps to one or more WCAG success criteria. When a scan loads a page, it evaluates the HTML, CSS, and ARIA attributes against every active rule in the set.
Default rulesets typically include rules for WCAG 2.1 Level A and Level AA criteria that can be evaluated through code inspection. Selecting a different conformance target, such as WCAG 2.2 AA, changes which rules the scan applies.
Choosing a Conformance Level Target
The first configuration decision is which WCAG version and level your scan should evaluate against. WCAG 2.1 AA is the most common target for legal and regulatory alignment, including ADA Title II requirements. WCAG 2.2 AA is the current version and includes criteria beyond 2.1.
Setting the conformance level in your scan configuration filters the active rules to match that target. Rules for criteria outside your selected level are either hidden from results or disabled entirely, depending on the tool.
Enabling and Disabling Individual Rules
Beyond selecting a conformance level, many scanning tools let you toggle individual rules on or off. This is useful when a specific rule produces repeated flags that your team has already reviewed and accepted as intentional design decisions.
Disabling a rule removes it from scan results entirely. This reduces noise but also creates a blind spot. Document which rules are disabled and the reasoning behind each exception so future team members understand the decision.
Configuring Rule Severity and Prioritization
Some tools allow you to assign severity levels or custom weights to individual rules. A rule flagging missing form labels might be weighted higher than a rule flagging a missing landmark region, based on how each issue affects users of assistive technology.
Prioritization by user impact helps teams focus remediation efforts on the issues that matter most. Risk factor scoring, which accounts for legal exposure alongside user impact, adds another layer to how scan results are ranked.
What Rule Configuration Does Not Change
Configuring rules controls what the scan checks. It does not expand what scans are capable of detecting. Automated scans evaluate code structure and attributes. They cannot assess whether content is logically organized, whether interactive components behave as expected with a screen reader, or whether the reading order makes sense to a keyboard user.
That 25% detection ceiling applies regardless of how precisely you configure your ruleset. The remaining 75% of WCAG criteria require a manual audit conducted by an accessibility professional who can evaluate context, behavior, and user experience.
Keeping Rulesets Updated
WCAG evolves, and scanning tool vendors update their rule libraries to reflect new criteria. When a tool updates its ruleset, review the changelog to understand which rules were added, modified, or deprecated. An outdated ruleset evaluates against criteria that may no longer reflect your conformance target.
Schedule a review of your scan configuration at least quarterly to confirm the active ruleset matches your current WCAG target and organizational priorities.
A well-configured ruleset makes scan results more relevant and actionable, but it is one component of a broader accessibility evaluation strategy that includes both automated scans and professional audits.