SOLVED: 500 Error on Downloads in WordPress Running on IIS

If you are running a default WordPress installation on IIS you will find that you can upload files into the MEDIA LIBRARY without any problem but if you try to download those files, you will see a 500 INTERNAL SERVER ERROR or a 500.50 URL REWRITE MODULE ERROR (depending on your browser, configuration and if you are running the browser from the WordPress IIS server)

Why Is the 500 Error on Downloads Appearing?

security-tab-must-have-read-permissions-500-error-wordpress-downloadThis problem is caused by WordPress on IIS using C:\WINDOWS\TEMP as its temporary directory for uploads.  After the file has uploaded WordPress MOVES the file to your MEDIA LIBRARY path (like C:\inetpub\wwwroot\TGScan\wp-content\uploads\2018\04 ).  That means it does not INHERIT the permissions of the UPLOADS folder and that means IIS does not have permission to serve the file.

If you look at one of the files SECURITY tabs you will likely see:

YOU MUST HAVE READ PERMISSIONS TO VIEW THE PROPERTIES OF THIS OBJECT

How to Fix the 500 Error on Downloads

Fix 500 Error in WordPress in IIS on Existing Files

security-tab-replace-permissions-500-error-wordpress-downloadIf you want to use the files you already have uploaded, you must correct the permissions on them.  Simply right click on C:\inetpub\wwwroot\TGScan\wp-content\upload> PROPERTIES > SECURITY tab > ADVANCED button > CHANGE PERMISSIONS button > check REPLACE ALL CHILD OBJECT PERMISSIONS and click APPLY

Avoid 500 Error in WordPress in IIS On New Files

The solution is to either:

  1. Modify the permissions on C:\WINDOWS\TEMP to include IUSER = READ,  or
  2. Create a new folder with the right permissions for WordPress to use for uploads

The better solution for security reasons is to create a new temp folder with the right permissions and tell WordPress to use it:

  1. security-tab-temp-folder-read-permissions-500-error-wordpress-downloadCreate a new folder named C:\PHP_upload_temp
  2. Right click on that folder > SECURITY tab > ADD button > EDIT button > ADVANCED button > FIND NOW button (to bring up ALL the users and groups)
  3. Scroll down and double click on <ServerHostName>\IUSER
  4. Click IUSER and uncheck everything but READ permission
  5. Click OK
  6. Open C:\Program Files (x86)\PHP\<version>\php.ini with a text editor like NotePad or NotePad++
  7. php-ini-temp-upload-folder-500-error-wordpress-downloadScroll almost all the way to the bottom and locate the WEBPICHANGES section
  8. Change UPLOAD_TMP_DIR=C:\WINDOWS\TEMP to C:\PHP_upload_temp 
  9. Save your changes
  10. Restart IIS (we like using the IISRESTART command)
  11. Have a nice day; you are donzo and all will work

References:

Thanks to the following articles that helped me figure this out:

Leave a Reply