I am hoping the good people of EE can get me a definitive answer, with explination, to what seems to be a common issue with using WordPress on an IIS server. The problem is uploading images. When a user does this the site starts requiring a Windows logon when someone attempts to view. I understand that it's a rights issue. Wordpress seems to create a directory on the fly and puts the image file in there. This file (and the folder) do not have rights for the IUSR account. I've read on other forums that the solution is to give full access to the IUSR account and the "Network" user (some forums seem to mention this). On these forums, the person usually questions the security implications of doing this, as I do, and I have not seen any good responses to this.
Can someone tell me what other Wordpress/Windows users do about this? And explain how the solution won't be a security risk?