Best practices for Identity Platform antivirus exclusions list

Antivirus products can cause operational problems with IIS, such as returning empty files when compression is enabled or performance issues by recycling applications unnecessarily.

Since SecureAuth® Identity Platform runs on IIS, the application can be impacted by these issues. As a preventative measure, SecureAuth recommends excluding certain directories from antivirus solutions when performing real-time scanning on the appliance.

Applies to

SecureAuth Identity Platform release

Server Operating System

Identity Platform 19.07 or later

  • Windows Server 2016

  • Windows Server 2019

Paths to exclude

Add these paths to the antivirus exclusions list:

C:\Windows\Microsoft.NET\Framework

C:\Windows\Microsoft.NET\Framework64

C:\Windows\System32\inetsrv\config

C:\inetpub\wwwroot

C:\inetpub\temp

D:\inetpub\wwwroot

D:\inetpub\temp

D:\inetpub\wwwroot

D:\inetpub\temp

D:\SecureAuth

D:\SecureAuthScepService

D:\SecureauthWS

Additional resources