Required exclusions for Antivirus on Windows

Jerome.Jargot
Blog Categories: 

Component: Windows | Component: Antivirus

Antivirus

The antivirus software companies may provide a list of exclusion and a recommended configuration for java-based servers, and database servers.
Retrieve this information from the official web site of the antivirus.

Virtualization

The official web site of the VM solution in use may provide a list of exclusions and a recommended configuration for the antivirus.
Retrieve this information from the official web site of the VM solution in use.

Database Server

Exclude the working directories, and directories where binaries and data files are located, from the antivirus scanning.
Retrieve this information from the official web site of the database server.

Java Application Server

When you deploy an antivirus program on a server, make sure that the folder exclusions, process exclusions and file name extension exclusions that are listed below are configured for both memory-resident and file-level scanning:

  • Folder exclusions
    • the directory were the application server is installed and all its sub directories
    • the temp directory of the application server
    • the directory pointed out by the java.io.tmpdir system variable use with the javacommand
  • Process exclusions
    • the java.exe used to start the application server
  • file name extension exclusions
    • .zip
    • .jar
    • .bar
    • .ear
    • .war
    • .bos
    • .cla
    • .jav
    • .data
    • .properties
    • .xml
    • .log
    • .dll
    • .tlog
    • .cfg
    • .css
    • .csslintrc
    • .deb
    • .eot
    • .gif
    • .groovy
    • .htc
    • .html
    • .ico
    • .jpg
    • .js
    • .json
    • .lic
    • .png
    • .sample
    • .svg
    • .tmp
    • .ttf
    • .txt
    • .woff
    • .woff2
    • .X1024-lock
    • .xpi
    • .xsd
  • Other exclusions

Maintain the antivirus configuration

If the server is being kept up-to-date, or after a migration of Bonita, the product may require a different java version, a new application server may be deployed, then you may have to update the antivirus's settings because CATALINA_HOME (with Tomcat) and the JVM paths will
likely change.

Studio

Make sure that the folder exclusions, process exclusions and file name extension exclusions that are listed below are configured for both memory-resident and file-level scanning:

  • Folder exclusions
    • the directory were the Studio is installed and all its sub directories
    • the directory pointed out by the java.io.tmpdir system variable
  • Process exclusions
    • the java.exe used to start the Studio
  • file name extension exclusions
    • .zip
    • .jar
    • .bar
    • .ear
    • .war
    • .bos
    • .cla
    • .jav
    • .data
    • .properties
    • .xml
    • .log
    • .dll
    • .tlog
    • .cfg
    • .css
    • .csslintrc
    • .deb
    • .eot
    • .gif
    • .groovy
    • .htc
    • .html
    • .ico
    • .jpg
    • .js
    • .json
    • .lic
    • .png
    • .sample
    • .svg
    • .tmp
    • .ttf
    • .txt
    • .woff
    • .woff2
    • .X1024-lock
    • .xpi
    • .xsd
Notifications