Article ID: 1358, created on Oct 6, 2008, last review on May 11, 2014

  • Applies to:
  • Plesk 10.4 for Windows


A folder configured as "protected" on a domain can be accessed without any authorization.


  1. The Plesk ISAPI filter for protected directories is not configured on the website.

  2. The website server ID is not the same as the server ID stored in the Plesk database.

  3. There is a misconfiguration in the Plesk database.


  1. Check whether the urlprotect.dll ISAPI filter is enabled on the website in IIS:

    IIS, Web sites,, Right Click, Properties, ISAPI Filters, urlprotect.dll

  2. Check the website ID in IIS.

    IIS, Web sites, Find problem web site in list, Identifier is to the right of the site name. Alternatively, use this command line utility:

    "%plesk_bin%\websrvmng" --get-server-id

    You then need to check the server ID in the Plesk DB.

    select server_id from hosting h, domains d where and'';

    If you receive two different values, you need to synchronize them:

    "%plesk_bin%\websrvmng" --update-all-server-id

    Then restart Plesk Management Service.

  3. If the two previous steps did not resolve the problem, check the table protected_dirs in the Plesk DB. There should be no records with an empty value in the field path.

    select * from protected_dirs where path='';

    If any rows were returned, they should be removed.

    delete from protected_dirs where path='';

Search Words

Password protected directories are not working. Please see the domain

The directory should be password protected

a914db3fdc7a53ddcfd1b2db8f5a1b9c 85a92ca67f2200d36506862eaa6ed6b8 56797cefb1efc9130f7c48a7d1db0f0c ff5a00b8ead2e480367b019417a04207 c796c01d6951fa24ed54c7f1111667c6

Email subscription for changes to this article
Save as PDF