Adding Anti-virus Exclusions and Firewall Permissions

When you are installing your backup client on a new computer, it is often necessary to make sure that other software and hardware won't interfere with your backups. Some examples of software or devices that commonly interfere with backups are anti-virus/anti-malware software, viruses or malware on the client system, and software or hardware firewalls. Here are some general actions you should take when setting up a new backup client.


Adding Anti-Virus/Anti-Malware Exclusions

Anti-virus software, especially those with active scanning enabled, can cause a number of issues. This can include interfering with the client uploading data to your backup server, as well as malforming the active databases that keep track of the data that is backed up. It is even possible that the software can be "sandboxed" or that critical files (ie: the INI file) can be moved or deleted. To prevent this from happening, it is recommended that you add exclusions/exceptions for your backup software.

Though it differs from anti-virus brand to brand (and often between major versions), almost all types of anti-virus software has a way to add exclusions, and it is usually found under the settings or advanced configuration rules.

It is recommended to exclude the entire backup client install folder (for example C:\Program Files\BrandName\) and all its subdirectories, if that is an option. If you must select individual files for exclusion, exclude the following files:

  • BrandName.exe
  • BrandName_gui.exe
  • BrandName_scheduler.exe
  • fs.db
  • vault0000.db
  • vault0105.db
  • BrandName.ini
  • BrandName.sel
  • BrandName.enc

and replace BrandName in the three executables and three files with the brand name you provided when you built your branded backup client. Only exclude individual files is there is no way to exclude the entire folder, since excluding the entire folder will ensure that active scans from anti-virus software won't interfere with any temporary files being made and used during the backup process.


Adding Firewall Permissions

Many firewalls are configured by default to only block blacklisted programs, sites, and ports. However, firewalls can be configured to block all traffic unless it has been whitelisted. In cases, such as these, you will need to add permissions to the firewall so that your backup client can connect to your server.

There are three places you will normally see a firewall: built into an anti-virus software suite, as a stand-alone application (including Windows Firewall), and built into a router device (ie. a hardware firewall).

For the case of most software firewalls, including those bundled with anti-virus software as well as Windows Firewall, you will need to allow the backup client through the firewall. The key executable you need to select is the BrandName.exe (replacing BrandName with the brand name you provided); if it prompts for ports to open for the program, select the same port number that your server is listening on. By default, this is TCP port 443, though if you changed this when you set up your server and built your branded client, you should use this changed value.

In the case of hardware firewalls and software firewalls that don't whitelist on a program level, you will need to make sure that incoming and outgoing traffic on the TCP port your server is listening on, and your client is sending on, are allowed. Again, by default this is TCP port 443, but be sure to use whatever port your server is using. You can check this port on the server in the Settings > Server tab.

If you need to whitelist sites that your client will connect to, you should whitelist your FQDN (e.g., as well as for both HTTP and HTTPS (ie: ports 80 and 443).

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


Powered by Zendesk