Write Permissions on Plesk Windows Server Get Removed
Saturday, March 07th, 2009 | Author:

This has been a regular problem with most of our Windows dedicated Server Clients as well as Windows Shared hosting client that has Plesk 8.4 installed on them, specially for those who need write permissions on web user for the ASP .NET/MSSQL and PHP/MySQL application, that the write permissions on the folder get removed own its own without any changes being made by us or the client. After allot of scratching and investigation we were finally able to reveal the secrete about the permissions issue. The problem was not with Plesk but the way we use to set permissions on the folder.

plesk-86-premissions-problems

While I was searching for the solution I found the KB articel on Parallels sites below:

http://kb.parallels.com/en/1147

Where they (Plesk adminstrators) have clearly mentioned that custom permissions set on top level folder like httpdocs, statistics, cgi-bin etc will get reset by Plesk. So I decided to make a test, I manually gave write permissions to httpdocs folder and ran webservmng.exe on it and yes it was removed. Then after allot digging I would that there us a file .Security which is saved under the folder with the domain name (parallel to httpdocs folder), that stores all permissions for that domain.

Before we start please be informed that these steps are applicable to Parallel Plesk version 8.4 and above as .Security file was introduced in 8.4 only.

So here are steps to get around the problem permanently:

1. Backup the .Security file and delete it from [drive]:inetpub/vhosts/domain_name, this file saves all the permissions assigned to that user from Plesk on Windows. Deleting it will remove all the records.

2. After renaming or deleting the . Security file, run this command below:

"%plesk_bin%/websrvmng.exe" --reconfigure-vhost --vhost-name=domain_name

3. This command will create a new .Security file with all default permissions on that domain.

4. Now login into Plesk >> Click on Domains >> domain_name >> File Manager >> httpdocs >> golden padlock of folder_name to set perm on >> “Advance” Button >> Select users >> Assign permissions >> OK.

These steps will save new permissions in .Security file and even if you run websrvmng on that domain again, the new permissions that has been set from Plesk will not get removed. There is no need to add any special group or users like, ASPNET or NETWORK SERVICE to any folder as those permissions are handled by IUSR_ & IWAM_/IWPD_ users.

Any permissions that has been assigned directly to httpdocs folder will get reset by Plesk and if you inherit them to sub folder, permissions from sub folder will also get removed.

So the moral is, DO NOT give any permissions from RDP, use File Manager option if you want to keep the trouble of permissions away.