How to customize permissions for Plesk users through Disk Security?

Question

How to customize permissions for Plesk users through Disk Security?

For example, there is an application installed into the folder C:\Program Files\AppName. This module is used on customer's sites, but it does not work properly because Panel's default security rules prohibit customers from accessing arbitrary folders on the disk. 

Answer

To customize disk security, create an additional file with the .xml extension in the %plesk_dir%etc\DiskSecurity directory and specify additional security rules in the file. This will track changes and manipulate sets of security metadata easily.

For example:

1. Connect to the server via RDP;

2. Create file permissions.xml in %plesk_dir%\etc\DiskSecurity\

   CONFIG_TEXT: <?xml version="1.0" encoding="utf-8" ?>
   
   <Entries>
   
   <Entry AccounType="1" Account="Psacln" Path="C:\Program Files\" SubPath="AppName" AceFlags="ThisFolderSubfoldersAndFiles" AccessMask="FullAccess" EntryFlags="0x0" />
   
   <Entry AccounType="1" Account="Psaadm" Path="C:\Program Files\" SubPath="AppName" AceFlags="ThisFolderSubfoldersAndFiles" AccessMask="FullAccess" EntryFlags="0x0" />
   
   </Entries>

3. Run the ApplySecurity.exe utility:

   C:\> "%plesk_bin64%"\ApplySecurity.exe --apply-to-directory --directory="C:\Program Files"

This file will be read during re-applying permissions by Plesk repair utility when it is either called directly from CLI or by Plesk Reconfigurator utility:

C:\> plesk repair --directory-permissions -directory "C:\Program Files"

Additional Information

Refer to following Plesk documentation for more details: Customizing Disk Security