For no apparent reason (which generally a Plesk update did it), one of my customers website stopped working today, prompting visitors with a username/password box to authenticate which when cancelled, gave the following error:
HTTP Error 401.3 – Unauthorized: Access is denied due to an ACL set on the requested resource
I immediately assumed it was simply a folder that had its IUSR permissions wiped accidentally by the update but I checked that and all was well, I then checked IIS to ensure anonymous access was enabled and also confirmed there was no web.config restrictions.
In the end it turned out to be the IWAM_plesk user was missing from the website – I’ve yet to work out what that user but as soon as I added it to the httpdocs folder and granted it permissions, all was well again.