I’m looking for a good, general set of permissions that would allow for uploads by the IIS_IUSRS account, automatic updates, etc., without simply granting modify/write access to IIS_IUSRS for the entire site.
What are the recommended file system permissions for a WordPress installation on IIS7.5?
The least permission needed is for the IIS account to have read and write permissions on the
/wp-content/uploads/folder and read permissions on the rest. This will however not allow the user to install plugins, use the theme editor or install any WordPress updates.In order to allow plugin installs you need to give the IIS account write permission to the
/wp-content/plugins/folder. To allow the use of theme editor you need to the IIS account write permissions on the/wp-content/themes/folder.In order to allow for the user to install WordPress updates you need to give read/write permission on the root folder where you installed WordPress. This is the least secure option but on the other hand the most common way to install it.