Posted on by rob

apache2.4 WebDAV

I worked almost a day on getting Apache 2.4 working with WebDAV.

I was working with Apache 2.4.48, on Debian Bullseye. Refering to the docs on my machine at file:///usr/share/doc/apache2-doc/manual/en/mod/mod_dav.html. or on the web, https://httpd.apache.org/docs/2.4/mod/mod_dav.html

Here is the sample code:

DavLockDB "/usr/local/apache2/var/DavLock"

<Directory "/usr/local/apache2/htdocs/foo">
    Require all granted
    Dav On

    AuthType Basic
    AuthName DAV
    AuthUserFile "user.passwd"

    <LimitExcept GET POST OPTIONS>
        Require user admin
    </LimitExcept>
</Directory>

And very useful additional code:

Alias "/phparea" "/home/gstein/php_files"
Alias "/php-source" "/home/gstein/php_files"
<Location "/php-source">
    Dav On
    ForceType text/plain
</Location>

My notes:

  1. On Debian, you dont need to provide DavLockDB. Debian provides a usefull default in /etc/apache2/mods-available/dav_fs.conf
  2. The Require all granted, <LimitExcept GET POST OPTIONS> combo does not work to limit access. I used Require valid-user and a version of the second snippet to control access.
  3. WebDAV will not work with Apache 2.4 unless you specify DirectoryIndex disabled.

Here is my version, with workarounds for these issues.

Alias "/editing/location" "/location/of/wiki"
   <Location "/editing/location">
        # RequestHeader needed only for TiddlyWiki
        RequestHeader edit "If-Match" '^"((.*)-(gzip|br))"$' '"$1", "$2"'
        DAV On
        DirectoryIndex disabled
        AuthType Basic
        AuthName "edit wiki"
        AuthUserFile "some/file"
        Require valid-user
    </Location>

Leave a Reply

Your email address will not be published. Required fields are marked *