Hi @Irfan Ranjha ,
Both of them are suitable for your application, whatever it is a PHP site or .NET site. So you can assign user like IUSR
or app pool like iis apppool\app pool name
.
Regarding to the difference between them, if you assign specific user to folder, you need to set identity of application pool to this user. Then the permission of application pool is decided by specific user. Administrator can set the permission of specific user in system group policy.
If you add app pool to folder security directly, application pool will only have permission to all content in this folder, you don't need to set application pool identity.
So from the perspective of permissions, the end result of both is to ensure that the application pool can control the folder. But the permissions of the first method application pool are determined by specific user permissions (group policy), and the permissions of the second method are determined by setting when adding pool to security. Also, the two belong to different domains. Users can belong to system or other groups. The application pool belongs to the IIS domain.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Best regards,
Bruce Zhang