What Exclusion Rules Should Be Created for Anti-Virus Software on ProjectDox Servers?

Description

Customers with anti-virus installed on the ProjectDox Servers must enable the following exclusion rules in any scanning utilities installed to prevent issues with the function of the software.  Avolve recommends that only the PdoxTemp folder be scanned in real-time.  All other ProjectDox application folders and supporting folders, including all sub-folders, should be excluded from anti-virus applications real-time scanning.  A nightly scan of the directories is acceptable.  It is not recommended to have anti-virus installed on the Job Processors.  Avolve cannot guarantee the operation of the Job Processors with anti-virus installed on the servers and, in the event issues occur with publishing, the first recommendation will be to remove the anti-virus application from the Job Processors and perform a full reboot.  Perform testing after the Job Processor has been rebooted to see if the issue is resolved.  

Solution

Avolve recommends setting up exclusion rules for the folders specified below on the ProjectDox servers indicated.  Assuming the Operating System is installed on the C:\ drive and the ProjectDox, related services and Brava applications are installed on the E:\ drive, you would want to exclude the following folders, including any sub-folders, on the ProjectDox servers.  A list of common Share Folder Names used by ProjectDox is provided below.

• UserFilesSource or UFS - Stores original files uploaded by users
• UserFilesPublish or UFP - Stores published ActiveX version of files uploaded by users
• DLCache - Stores published HTML version of files uploaded by users
• Queue - Stores Job Tickets created for publishing requests for the Job Processors
• PdoxLogs or Logs - Stores Archive PDFs if using ProjectDox Archive Feature
• PdoxExport or Export - Stores Exported Projects until retrieved by EDMS solution
• WFlowDLLCache - Stores ProjectFlow workflow instance DLLs for active workflows

• PdoxTemp - All uploaded files are stored in this folder first before being moved to the UserFilesSource folder.  This folder should not be excluded as it is the single point of entry for any new files uploaded to ProjectDox and should be scanned in real-time.

NOTE:  Some anti-virus applications may need an additional exclusion rule enabled for .rtf file types.  If you experience trouble with missing Markups or Changemarks within the workflow, then please try adding the exclusion rule for file types of .rtf and see if that resolves your issue.  Markups and Changemarks are saved to the PdoxTemp folder temporarily and some anti-virus applications will false alert and remove the .rtf file causing saved Markups and Changemarks to not show up in the workflow.

Job Processors

     C:\Windows\system32\spool\PRINTERS\  

     C:\Windows\Temp\  **  (see additional info below)

     C:\Users\NetItSvc\AppData\Local\Informative Graphics Corp\

     C:\Users\NetItSvc\AppData\Local\Temp\

     C:\Users\NetItSvc\AppData\Roaming\Informative Graphics Corp\

     C:\ProgramData\IGC\  (Brava 16.2 and 16.4)

     C:\ProgramData\OpenText\  (Brava 16.6 and up)

     E:\Program Files (x86)\IGC\   

     E:\Program Files (x86)\Avolve\    

     E:\Program Files\IGC\   

     E:\JPTemp\  **  (see additional info below)

     E:\ProjectDoxSupportFiles\  or  E:\PDSF  * (see note below)


Web Server

     w3wp.exe Process

     E:\ProjectDox\     (Superion customers may see E:\EPR instead of E:\ProjectDox)

     E:\ProjectDox.Web.API

     E:\ProjectDox.Web.UI

     E:\Program Files (x86)\Avolve\   

     E:\ProjectDoxSupportFiles\  or  E:\PDSF  * (see note below)


Application Server

     E:\Program Files (x86)\Avolve\

     E:\ProjectDoxSupportFiles\  or  E:\PDSF  * (see note below)



NOTE *

ProjectDox file share folders may exist on any ProjectDox server, Network Storage Device or stand-alone File Server. 
The PdoxTemp folder is the single entry point of new files to the server and therefore it is recommended to scan this folder only in real-time.  A nightly scan can be performed of the folders if desired.
Exclude all share folders with the exception of PdoxTemp from real-time scanning. 

ADDITIONAL INFO **

     If you are unable to exclude C:\Windows\Temp on the Job Processors, you can update the system output path of the IGC Writer Print driver and use a different directory for example E:\JPTemp.

To do this:

1. Create a folder on the E:\ drive named JPTemp
2. Grant Full Control under the Security Options for the folder, to the PD_USR and NetISvc accounts
3. In the Control Panel Printers and Faxes panel, right-click on the CSF Writer printer and select Properties
4. Select the Advanced tab
5. Click the Printing Defaults... button
6. Select the Filename Generation tab
7. Change the Output Directory path to the following:  E:\JPTemp
8. Click OK to save your settings.

Then add an exclusion rule for the E:\JPTemp folder on the Job Processors in place of the C:\Windows\Temp folder

SQL Server

Antivirus exclusion on SQL files:

When you configure antivirus software settings, make sure that you exclude the following files or directories on SQL Server machine from virus scanning. Doing this improves the performance of the files and helps make sure that the files are not locked when the SQL Server service must use them. However, if these files become infected, your antivirus software cannot detect the infection.