How To Set Up WebDAV With Apache2 On Debian Lenny

This guide explains how to set up WebDAV with Apache2 on a Debian Lenny server. WebDAV stands for Web-based Distributed Authoring and Versioning and is a set of extensions to the HTTP protocol that allow users to directly edit files on the Apache server so that they do not need to be downloaded/uploaded via FTP. Of course, WebDAV can also be used to upload and download files.

I do not issue any guarantee that this will work for you!

1 Preliminary Note

I'm using a Debian Lenny server with the IP address 192.168.0.100 here.

2 Installing WebDAV

If Apache is not already installed, install it as follows:

aptitude install apache2

Afterwards, enable the WebDAV modules:

a2enmod dav_fs
a2enmod dav

Restart Apache:

/etc/init.d/apache2 restart

3 Creating A Virtual Host

I will now create a default Apache vhost in the directory /var/www/web1/web. For this purpose, I will modify the default Apache vhost configuration in /etc/apache2/sites-available/default. If you already have a vhost for which you'd like to enable WebDAV, you must adjust this tutorial to your situation.

First, we create the directory /var/www/web1/web and make the Apache user (www-data) the owner of that directory:

mkdir -p /var/www/web1/web
chown www-data /var/www/web1/web

Then we back up the default Apache vhost configuration (/etc/apache2/sites-available/default) and create our own one:

mv /etc/apache2/sites-available/default /etc/apache2/sites-available/default_orig
vi /etc/apache2/sites-available/default

NameVirtualHost * ServerAdmin webmaster@localhost DocumentRoot /var/www/web1/web/ Options Indexes MultiViews AllowOverride None Order allow,deny allow from all

Then reload Apache:

/etc/init.d/apache2 reload

4 Configure The Virtual Host For WebDAV

Now we create the WebDAV password file /var/www/web1/passwd.dav with the user test (the -c switch creates the file if it does not exist):

htpasswd -c /var/www/web1/passwd.dav test

You will be asked to type in a password for the user test.

(Please don't use the -c switch if /var/www/web1/passwd.dav is already existing because this will recreate the file from scratch, meaning you lose all users in that file!)

Now we change the permissions of the /var/www/web1/passwd.dav file so that only root and the members of the www-data group can access it:

chown root:www-data /var/www/web1/passwd.dav
chmod 640 /var/www/web1/passwd.dav

Now we modify our vhost in /etc/apache2/sites-available/default and add the following lines to it:

vi /etc/apache2/sites-available/default

[...] Alias /webdav /var/www/web1/web DAV On AuthType Basic AuthName "webdav" AuthUserFile /var/www/web1/passwd.dav Require valid-user [...]

The Alias directive makes (together with ) that when you call /webdav, WebDAV is invoked, but you can still access the whole document root of the vhost. All other URLs of that vhost are still "normal" HTTP.

The final vhost should look like this:

NameVirtualHost * ServerAdmin webmaster@localhost DocumentRoot /var/www/web1/web/ Options Indexes MultiViews AllowOverride None Order allow,deny allow from all Alias /webdav /var/www/web1/web DAV On AuthType Basic AuthName "webdav" AuthUserFile /var/www/web1/passwd.dav Require valid-user

Reload Apache afterwards:

/etc/init.d/apache2 reload

5 Testing WebDAV

We will now install cadaver, a command-line WebDAV client:

aptitude install cadaver

To test if WebDAV works, type:

cadaver http://localhost/webdav/

You should be prompted for a user name. Type in test and then the password for the user test. If all goes well, you should be granted access which means WebDAV is working ok. Type quit to leave the WebDAV shell:

server1:~# cadaver http://localhost/webdav/
Authentication required for webdav on server `localhost':
Username: test
Password:
dav:/webdav/> quit
Connection to `localhost' closed.
server1:~#