Open Source

How to set up WebDAV hosting on Apache

Vincent Danen tells you how to set up WebDAV on Apache with a minimum of fuss. There's plenty of room for error but these steps should help you avoid the pitfalls.

WebDAV (Web-based Distributed Authoring and Versioning) is a way to share files over HTTP, much like you would use Samba or NFS. It has more limitations, and less speed, than filesystems like Samba or NFS, but with the proliferation of web servers and the ability to reach websites from multiple clients in various locations, WebDAV certainly has its appeal. Unlike Samba or NFS, which are best suited for local area networks, you can use an HTTP server anywhere in the world and likewise access it from anywhere.

WebDAV support is also baked right into most modern operating systems, making it extremely easy to access as a client. Setting it up on the server, however, may be more of a challenge. Certainly setting it up correctly can be.

Using Apache on Red Hat Enterprise Linux 5 (or CentOS 5) as an example, let's look at setting up a WebDAV server. First and foremost, you will need mod_dav and mod_dav_fs support, which can be found in the httpd package; if you have Apache installed, you will have support for WebDAV already available (other distributions may package WebDAV support modules separately, such as apache-mod_dav). The first step is to create /etc/httpd/conf.d/webdav.conf which will be where we configure WebDAV. The reason we are putting our configuration file there is due to this gem in /etc/httpd/conf/httpd.conf:

Include conf.d/*.conf

This tells Apache to automatically pick up all configuration files (*.conf) in /etc/httpd/conf.d/. The contents of /etc/httpd/conf.d/webdav.conf will look similar to this:

<IfModule mod_dav.c>
    LimitXMLRequestBody 131072
    DavLockDB /var/dav/DavLock
    Alias /dav "/srv/www/dav"
    <Directory /srv/www/dav>
        Dav On
        Options +Indexes
        IndexOptions FancyIndexing
        AddDefaultCharset UTF-8
        AuthType Basic
        AuthName "WebDAV"
        AuthUserFile /etc/httpd/conf/dav.passwd
        Require valid-user
    </Directory>
</IfModule>

This sets up the required WebDAV settings necessary to make it work properly. Here we have defined a number of things; one that is important to note is the location of the DavLockDB file (this must be writable by the user running Apache -- usually apache or nobody). The directory storing the lock file needs to be writable, so create a new directory specifically for this purpose:

# mkdir -p /var/dav
# chown nobody:nobody /var/dav

You will also want to ensure that /srv/www/dav is writable by the user running Apache as well:

# mkdir -p /srv/www/dav
# chown nobody:nobody /srv/www/dav
# chmod 755 /srv/www/dav

Finally, you need to create the password file for authentication. In the above example the password file was specified as /etc/httpd/conf/dav.passwd, so use htpasswd to create it:

# htpasswd -c /etc/httpd/conf/dav.passwd [user]

You will be prompted for [user]'s password and then htpasswd will create the file. At this point you can restart Apache:

# service httpd restart

You can now point a web browser to http://yoursite.com/dav/ and it should prompt you for a login. You won't be able to do anything special in the web browser, but you can use another WebDAV client to try uploading and downloading files, such as cadaver:

# cadaver https://yoursite.com/dav
Authentication required for Private on server `yoursite.com':
Username: user
Password:
dav:/dav/> ls
Listing collection `/dav/': succeeded.
Coll:   omnifocus                              0  Aug  8 14:30
        somefile.txt                         115  Jul 17 15:03

For more security, wrap WebDAV up in SSL by adding it to an appropriate SSL-based virtual host. This will encrypt your password and data-in-transit.

This should also work with most other Linux distributions using Apache, possibly changing some paths to configuration files or package names. All in all, setting up WebDAV doesn't have to be difficult, but all of these steps are required, otherwise some WebDAV clients will fail with inexplicably weird errors. This also provides a quick and easy way to store files in a remote location, securely, with the ability to obtain them from anywhere.

Get the PDF version here.

About

Vincent Danen works on the Red Hat Security Response Team and lives in Canada. He has been writing about and developing on Linux for over 10 years and is a veteran Mac user.

3 comments
me19562
me19562

Really good article. Is there a way to use NIS for the authentication?

pgit
pgit

Never thought to deploy WebDAV... I'm having a "DUH!" moment here. This looks a TON simpler than trying to keep track of revisions/changes/work flows with rsync over ssh. The tip about Include conf.d/*.conf is exactly the kind of info that makes Tech Republic the most worthwhile resource I have out here in cyberland. Thanks, Vincent.

coolmark82
coolmark82

The Apache program is very useful to me, and it is very efficient. for web hosting, this is a must.

Editor's Picks