Plesk’s security rules for managed objects on hosted domains and web
user folders are stored in security metadata files. Because Plesk has
two different security policies applied to Windows objects, it uses two
different types of security metadata files: disk security metadata
file and hosting security metadata files.
The disk security metadata file defines security rules for Windows
objects on server disks except for the contents of the
%plesk_vhosts% directory, which contains hosted content for hosting
accounts and is governed by a different security policy.
Security rules for Windows objects in the %plesk_vhosts% directory
are defined by hosting security metadata files. Separate instances of
hosting security metadata files are automatically created for each
hosting account (domain or web user) from the corresponding template
files during hosting account creation in Plesk.
You can manually modify security rules by editing corresponding security
metadata files or templates. For detailed information about modifying
Plesk’s security rules, see the sections Customizing Disk
Security and Customizing Hosting
Security.