Plesk uses the IIS web server to deliver the pages of your website to clients (such as browsers through which visitors access your website). The behavior of IIS is defined by variety of settings.
Default web server settings are specified by the server administrator (hosting provider). For example, these settings can determine how IIS process different types of files, how it uses SSL/TLS, and so on.
However, you (as a website owner) can set up custom web server settings for your website. For example, add a type of the index file, restrict access to the site, and so on.
Note: You can adjust web server settings for your websites only if your hosting subscription provides the corresponding permission.
All customizable web server settings are located in Websites & Domains > select a website > IIS Settings. Custom settings work only for the selected website.
The settings are divided into groups:
These settings are typically changed by site owners, who may want to:
- Allow site visitors to view the listing of files and subdirectories of the site’s directory in their browsers (Directory browsing). The directory listing will be displayed if there are no matches for default index pages in the site’s root directory.
- Add a type of default index pages (Default documents).
- Add a MIME type for files with a certain extension (MIME types).
- Change how long web browsers keep cached copies of the web content before requesting it again from the server by configuring the “Expires” headers.
- Instruct web browsers to perform various actions by configuring additional headers to HTTP responses.
These settings allow site owners to:
- Restrict access to the site by username and password – only system users will be able to access the site (Anonymous authentication). Denying anonymous authentication may be useful if your site is not intended for any visitor, for example, it is a web application for internal use. Note that FTP users and additional FTP users created in Plesk will have access to such a site if they were granted access to the site’s directory.
- Force all clients (such as browsers or FTP clients) to use the secure HTTPS protocol to access their site (Require SSL/TLS). You need this option, for example, if the site contains and transmits personal information.
These settings allow site owners to restrict access to the site by IP address of the visitor (Deny access to the site) by denying and allowing access from certain IP addresses.
Note: Subdomains have their own web server settings, therefore, when you change web server settings for a site that has subdomains, the subdomains will not receive these changes.
If you do not find the necessary setting, contact your server administrator (hosting provider), who can set up more custom settings for websites.
You can set the value of each parameter either by typing a custom value, or leaving the Default value. In the latter case, Plesk uses the values from the default web server configuration defined by the server administrator (hosting provider).
Your values override the default ones. The only exception is the Deny access to the site setting - IP addresses from the default configuration, as well as the IP addresses specified by you, will all be applied to your website. In case of a conflict (for example, when you allow the IP address that is denied in the default configuration), IIS uses your settings.