This article includes information about folders that need to be excluded from antivirus scanning in ASP.net applications:
1. The physical file folders for the web sites content, no matter it is a local folder or a network share.
The default location is mentioned below, however please note that your content may reside in a different directory as well. Please check the path to which your website and the virtual directories under it points to, in order to identify the correct path.
C:\inetpub\wwwroot
2. .Net Framework config directory
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG
C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config
3. ASP.net temp file directory
C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files
C:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files
4. IIS config folder
In case you are running IIS in shared configuration and your server happens to host the configuration on a different location, ensure to exclude it from the scan. More information about shared config can be found here.
%SystemDrive%\Windows\System32\inetsrv\config\
5. IIS Temporary Compressed Files
%SystemDrive%\inetpub\temp\IIS Temporary Compressed Files
Author: Amol Mehrotra
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.