My Blazor server Side app (.NET7) on a server with OS WinServer 2019 worked without problem. Because of an OS problem our IT dep. has formatted the server and reinstalled WinServer 2019 again. Before the reinstallation I have backuped my web site directory (C:\inetpub\web_site), and after installation copied back again to the same directory.
After doing all the IIS configurations 1:1,now I get each time the app tries to write to a file on the server, the error "Acces denied" .(Earlier this was not the case)
I could only fix this error by giving IIS_IUSRS write permission to the websites main directory. I am not sure if this is a secure solution or a correct approach in security perspective. What could be the reason that I got this issue after reinstallation of the server? Could this solution cause security issues?
Before reinstallation of the server only System, and the Administrators group had write access to the website directory.
If you are the only one with access to the server, it is okay to grant IIS_IUSRS write permissions to the website's home directory. But don't do this on a public server.
Granting the IIS_IUSRS group write permissions to the website directory is a common solution, but it's important to consider the security implications. IIS_IUSRS should not have write permissions to everything under C:\inetpub\web_site, but only to a few specific locations that the web application needs to write to.