How To Set Up WebDAV With Apache2 On Ubuntu 8.10

Want to support HowtoForge? Become a subscriber!
 
Submitted by falko (Contact Author) (Forums) on Wed, 2009-02-25 18:23. :: Ubuntu | Apache

How To Set Up WebDAV With Apache2 On Ubuntu 8.10

Version 1.0
Author: Falko Timme <ft [at] falkotimme [dot] com>
Last edited 01/20/2009

This guide explains how to set up WebDAV with Apache2 on an Ubuntu 8.10 server. WebDAV stands for Web-based Distributed Authoring and Versioning and is a set of extensions to the HTTP protocol that allow users to directly edit files on the Apache server so that they do not need to be downloaded/uploaded via FTP. Of course, WebDAV can also be used to upload and download files.

I do not issue any guarantee that this will work for you!

 

1 Preliminary Note

I'm using an Ubuntu 8.10 server with the IP address 192.168.0.100 here.

Because we must run all the steps from this tutorial with root privileges, we can either prepend all commands in this tutorial with the string sudo, or we become root right now by typing

sudo su

 

2 Installing WebDAV

If Apache is not already installed, install it as follows:

apt-get install apache2

Afterwards, enable the WebDAV modules:

a2enmod dav_fs
a2enmod dav

Restart Apache:

/etc/init.d/apache2 restart

 

3 Creating A Virtual Host

I will now create a default Apache vhost in the directory /var/www/web1/web. For this purpose, I will modify the default Apache vhost configuration in /etc/apache2/sites-available/default. If you already have a vhost for which you'd like to enable WebDAV, you must adjust this tutorial to your situation.

First, we create the directory /var/www/web1/web and make the Apache user (www-data) the owner of that directory:

mkdir -p /var/www/web1/web
chown www-data /var/www/web1/web

Then we back up the default Apache vhost configuration (/etc/apache2/sites-available/default) and create our own one:

mv /etc/apache2/sites-available/default /etc/apache2/sites-available/default_orig
vi /etc/apache2/sites-available/default

NameVirtualHost *
<VirtualHost *>
        ServerAdmin webmaster@localhost

        DocumentRoot /var/www/web1/web/
        <Directory /var/www/web1/web/>
                Options Indexes MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>

</VirtualHost>

Then reload Apache:

/etc/init.d/apache2 reload

 

4 Configure The Virtual Host For WebDAV

Now we create the WebDAV password file /var/www/web1/passwd.dav with the user test (the -c switch creates the file if it does not exist):

htpasswd -c /var/www/web1/passwd.dav test

You will be asked to type in a password for the user test.

(Please don't use the -c switch if /var/www/web1/passwd.dav is already existing because this will recreate the file from scratch, meaning you lose all users in that file!)

Now we change the permissions of the /var/www/web1/passwd.dav file so that only root and the members of the www-data group can access it:

chown root:www-data /var/www/web1/passwd.dav
chmod 640 /var/www/web1/passwd.dav

Now we modify our vhost in /etc/apache2/sites-available/default and add the following lines to it:

vi /etc/apache2/sites-available/default

[...]
        Alias /webdav /var/www/web1/web

        <Location /webdav>
           DAV On
           AuthType Basic
           AuthName "webdav"
           AuthUserFile /var/www/web1/passwd.dav
           Require valid-user
       </Location>
[...]

The Alias directive makes (together with <Location>) that when you call /webdav, WebDAV is invoked, but you can still access the whole document root of the vhost. All other URLs of that vhost are still "normal" HTTP.

The final vhost should look like this:

NameVirtualHost *
<VirtualHost *>
        ServerAdmin webmaster@localhost

        DocumentRoot /var/www/web1/web/
        <Directory /var/www/web1/web/>
                Options Indexes MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>

        Alias /webdav /var/www/web1/web

        <Location /webdav>
           DAV On
           AuthType Basic
           AuthName "webdav"
           AuthUserFile /var/www/web1/passwd.dav
           Require valid-user
       </Location>
</VirtualHost>

Reload Apache afterwards:

/etc/init.d/apache2 reload

 

5 Testing WebDAV

We will now install cadaver, a command-line WebDAV client:

apt-get install cadaver

To test if WebDAV works, type:

cadaver http://localhost/webdav/

You should be prompted for a user name. Type in test and then the password for the user test. If all goes well, you should be granted access which means WebDAV is working ok. Type quit to leave the WebDAV shell:

root@server1:~# cadaver http://localhost/webdav/
Authentication required for webdav on server `localhost':
Username: test
Password:
dav:/webdav/> quit
Connection to `localhost' closed.
root@server1:~#


Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.
Submitted by Brian1999 (not registered) on Mon, 2012-08-20 05:28.
It is great article. However, I think it might be easier to sign up a cloud based webdav solution such as offered by www.DriveHQ.com. The advantages of cloud based webdav include: it's easier to setup. Just sign up an account and you get your webdav server ready; and you can access your webdav server from anywhere.
Submitted by Thomas Dahlmann (not registered) on Fri, 2009-03-06 14:49.

Hi

Nice article, plain simple and intuitive.

I have one recommendation though. Instead of basic authentication I would choose digest. When playing with webdav you should keep in mind that you open a very large hole into you server. Webdav (which is the point with the protocol) gives access to modify the content. If your username and password is sniffed - you've lost big time.

Using digest as authentication gives the second best option to SSL.