IIS WordPress images 500 error

If you are here you probably are having the dreaded “broken images” problem while running WordPress under IIS.

You may have found this issue by looking at the IIS logfiles for your site and seeing 500 errors logged when it’s supposed to be pushing out images.

I will save you a lot of time.

This is all about fixing permissions so that images/media/files uploaded via WordPress will properly render.

This is the fix for the infamous “500” error that is thrown when your server has wrong file permissions and the visual result is all the images you uploaded are “broken images” and won’t display. Also called HTTP Error 500.50 – URL Rewrite Module Error when you have Detailed errors on.

  1. Don’t sweat it, I will save you HOURS of time on this one.   Thanks to the article I found here after HOURS of tracking this issue down, this problem is caused because PHP first uploads the document to a temporary directory (by default C:\Windows\Temp), and then moves it from that directory to the actual /blog/wp-content/uploads/ subdirectory.  What happens is that because IIS does not have any permissions to your “C:\Windows\Temp” directory, when the file is uploaded there, then moved by PHP, the file inherits NO permissions.  So when IIS trys to serve out that file from your /blog/wp-content/uploads/subdirectory it throws a 500 error and that is actually a permissions error.
  2. The solution:  on the Windows\Temp folder, grant “modify” permissions to both IUSR and {servername}\IIS_IUSRS user accounts.
  3. Now when you upload files via PHP and PHP moves them to the correct directory, the files will have the correct permissions and can be accessed.
  4. Important note #1:  If you already have uploaded files and are getting the dreaded broken images issue, go to the /blog/wp-content/uploads/directory and replace/update the permissions to add access for both user accounts noted above.  That will solve that issue.
  5. Important note #2: as with any change off the defaults for Windows, you do this AT YOUR OWN RISK.  It’s up to you if you want to grant the Windows\Temp directory permissions for those two accounts.  If you don’t PHP won’t be able to upload without the 500 issue (unless you move the PHP temp folder elsewhere and grant those accounts access to the other folder).  Do these changes at your own risk… I cannot and won’t take any responsiblity for your systems.  Please know what you are doing.

UPDATE: 04/29/2011:  One reader commented to me that he is concerned about changing security permissions on the Windows TEMP directory, and he noted that you can also edit the php.ini file and change the location of the “upload_tmp_dir” variable and point it to another location.  It’s up to you how you want to do this, as long as you have the right permissions mentioned above, your WP images and future uploads will work fine.



Leave a Reply

Your email address will not be published. Required fields are marked *