The initial security configuration of Windows objects is performed automatically by Plesk during installation. Plesk creates a number of default accounts and sets user permissions on all Windows objects found on the freshly installed Plesk-managed server. All pre-existing security settings are erased and new security settings are applied according to the security rules found in the default disk security metadata file.

Subsequently, each time a new hosting account is created, the created default hosted objects are assigned user account permissions based on the security rules found in the corresponding hosting security metadata file instantiated from a current hosting security metadata file template.

If a folder or a file is created, for which no security rule is set in the security metadata, the object will automatically inherit security settings of their respective parent containers.