Applicable to:
- Plesk for Windows
Question
- How to customize permissions allowing access to additional files and directories for Plesk on Windows users through Disk Security?
- How can I make additional software installed on my Windows server accessible to Plesk websites and users?
Answer
For example, there is an application installed into the folder C:\Program Files\AppName
(or any other directory that is generally not accessible to Plesk-related users on your Windows server). The contents of that directory need to be accessed by some of the website on your Windows server, in order for the websites to run as expected and avoid 500 Internal Server Error or similar messages.
C:\Program Files\Persits Software\aspjpeg\bin\aspjpeg64.dll
C:\Program Files\Persits Software\asppdf\bin\asppdf64.dll
C:\Program Files\Persits Software\aspupload\bin\aspupload64.dll
C:\Program Files\Persits Software\aspupload\bin\aspemail64.dll
C:\Program Files\Persits Software (x86)\aspjpeg\bin\aspjpeg.dll
C:\Program Files\Persits Software (x86)\asppdf\bin\asppdf.dll
C:\Program Files\Persits Software (x86)\aspupload\bin\aspupload.dll
C:\Program Files\Persits Software (x86)\aspemail\bin\aspemail.dll
C:\Program Files (x86)\Dimac\w3JMail\bin\jmail.dll
The Plesk panel's default security rules prohibit customers from accessing arbitrary folders on the disk and limit them from only accessing certain files and directories that are related to Plesk.
To customize disk security and allow access to the Plesk users to certain additional files and directories on your Windows Server, you should create an additional file with the .xml
extension in the %plesk_dir%etc\DiskSecurity
directory and specify additional security rules in the file.
This will track changes and manipulate sets of security metadata easily.
For example, if the full path of the main directory of the software that you want to make available to Plesk users is C:\Program Files\Persits Software\AspJpeg
, you should do the following:
- Connect to the server via RDP
-
Create a new file called
permissions.xml
in%plesk_dir%\etc\DiskSecurity\
(rename the old one if necessary) and put the following contents within it:CONFIG_TEXT: <?xml version="1.0" encoding="utf-8" ?>
<Entries>
<Entry AccounType="1" Account="Psacln" Path="C:\Program Files\Persits Software" SubPath="AspJpeg" AceFlags="ThisFolderSubfoldersAndFiles" AccessMask="FullAccess" EntryFlags="0" />
<Entry AccounType="1" Account="Psaadm" Path="C:\Program Files\Persits Software" SubPath="AspJpeg" AceFlags="ThisFolderSubfoldersAndFiles" AccessMask="FullAccess" EntryFlags="0" />
</Entries> - Start Command Prompt as the Administrator
-
Run the ApplySecurity.exe utility of Plesk in order to apply the permission changes by executing the following command:
C:\> "%plesk_bin64%"\ApplySecurity.exe --apply-to-directory --directory="C:\Program Files\Persits Software\AspJpeg"
Note: This file will be read during the reapplying of permissions by the Plesk repair utility when it is invoked either via the Plesk Reconfigurator utility or called directly from CLI
-
Run the following plesk repair command in order to make absolutely sure that the permissions of the newly mentioned software directory are correct:
C:\> plesk repair --directory-permissions -directory "C:\Program Files\Persits Software\AspJpeg
-
(Optional) If you are getting a 500 Internal Server Error while opening the related website resource at this point, in most cases it can be resolved by going to Plesk > Domains > example.com > Hosting & DNS > Dedicated IIS Application Pool for Website, checking the Enable 32-bit applications box, pressing Apply and pressing Recycle for the application pool:
Comments
0 comments
Please sign in to leave a comment.