Plesk

How to customize permissions allowing access to additional files and directories for Plesk on Windows users through Disk Security?

  • Dmitry Bystrov

    • Question

    For example, there is an application installed into the folder C:Program FilesAppName (or any other directory that is generally not accessible to Plesk-related users on your Windows server). The contents of that directory need to be accessed by some of the website on your Windows server, in order for the websites to run as expected and avoid 500 Internal Server Error or similar messages.

    The Plesk panel's default security rules prohibit customers from accessing arbitrary folders on the disk and limit them from only accessing certain files and directories that are related to Plesk. 

    Answer

    To customize disk security and allow access to the Plesk users to certain additional files and directories on your Windows Server, you should create an additional file with the .xml extension in the %plesk_dir%etcDiskSecurity directory and specify additional security rules in the file.

    This will track changes and manipulate sets of security metadata easily.

    As an example, you may do the following:

    1. Connect to the server via RDP

    2. Create file permissions.xml in %plesk_dir%etcDiskSecurity

      <?xml version="1.0" encoding="utf-8" ?>

      <Entries>

      <Entry AccounType="1" Account="Psacln" Path="C:Program Files" SubPath="AppName" AceFlags="ThisFolderSubfoldersAndFiles" AccessMask="FullAccess" EntryFlags="0x0" />

      <Entry AccounType="1" Account="Psaadm" Path="C:Program Files" SubPath="AppName" AceFlags="ThisFolderSubfoldersAndFiles" AccessMask="FullAccess" EntryFlags="0x0" />

      </Entries>

    3. Run the ApplySecurity.exe utility:

      C:> "%plesk_bin64%"ApplySecurity.exe --apply-to-directory --directory="C:Program Files"

    This file will be read during the reapplying of permissions by the Plesk repair utility when it is invoked either via the Plesk Reconfigurator utility or called directly from CLI or by following these steps:

    1. Log into your server via RDP

    2. Run Command Prompt as the Administrator

    3. Execute a command that is similar to the following:

    C:> plesk repair --directory-permissions -directory "C:Program Files"

    Additional Information

    Customizing Disk Security | Plesk Obsidian documentation

    Tweet
    Share
    Share
    Email
    0 Shares
    Exit mobile version