You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by LuKreme <kr...@kreme.com> on 2009/12/03 15:16:43 UTC
[users@httpd] Re: .htaccess restricts write permission from webdav
On 2-Dec-2009, at 22:36, J. Bakshi wrote:
> RewriteEngine On
> RewriteRule ^typo3$ - [L]
> RewriteRule ^typo3/.*$ - [L]
I just went through this with wordpress. You have to exempt webdav from all the rewrites.
On 25-Nov-2009, at 11:15, LuKreme wrote:
> I modified the htaccess file hoping I could eliminate the webdav issue. My webdav mount is webdav.example.com, so I did this:
>
> <IfModule mod_rewrite.c>
> RewriteEngine On
> RewriteBase /
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteCond %{HTTP_HOST} !^webdav
> RewriteRule . /index.php [L]
> RewriteRule ^u/([0-9]+)$ wp-content/plugins/short-url-plugin/u.php?$1|$2
> </IfModule>
>
> That has fixed the problem and it is now possible to access the entire web space via wedbav.
the RewriteCond ${HTTP_HOST} is the line that did it. If your webdav is
http://www.example.com/webdav then something like
RewriteCond %{REQUEST_URI} !^webdav
should work
--
"I program Windows - of course it isn't safe." - Meski
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: .htaccess restricts write permission from webdav
Posted by LuKreme <kr...@kreme.com>.
On 6-Dec-2009, at 20:15, J. Bakshi wrote:
> Though I have fond that creating a .htaccess or deleting it through webdav is not possible.
Usually apache is setup to refuse to serve .ht* files for security reasons. If this is not the case, there's no reason the htaccess file should not be available via webdav.
The block usually looks something like this in httpd.conf:
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</Files>
Now, exposing the innards of the .htaccess of especially .htpasswd files like this is certainly risky, so I wouldn't do it.
--
Oh, he's just like any other man, only more so.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Re: .htaccess restricts write permission from webdav
Posted by "J. Bakshi" <jo...@infoservices.in>.
LuKreme wrote:
> On 6-Dec-2009, at 20:15, J. Bakshi wrote:
>
>> RewriteRule ^typo3$ - [L]
>> RewriteRule ^typo3/.*$ - [L]
>> ` ` `
>>
>> and now webdav has no problem with create/delete operation
>>
>
>
> One other thing, if you duplicate the RewriteCond above these rules, they should work as well.
>
> something like:
>
> Options +FollowSymLinks
>
> RewriteEngine On
> RewriteCond %{REQUEST_URI} !^/webdav
> RewriteRule ^typo3$ - [L]
>
> RewriteCond %{REQUEST_URI} !^/webdav
> RewriteRule ^typo3/.*$ - [L]
>
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteCond %{REQUEST_FILENAME} !-l
> RewriteCond %{REQUEST_URI} !^/webdav
> RewriteRule .* index.php
>
> (as I understand it, RewriteCond ONLY apply to the next single RewriteRule. Perhaps there is a way to have a single condition apply to all rules and someone else will point it out)
>
>
Hello LuKreme,
thanks once again for the configuration :-) I'll definitely give it a
try. Thanks for the clarification.
wish you a great day.
--
জয়দীপ বক্সী
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: .htaccess restricts write permission from webdav
Posted by LuKreme <kr...@kreme.com>.
On 6-Dec-2009, at 20:15, J. Bakshi wrote:
> RewriteRule ^typo3$ - [L]
> RewriteRule ^typo3/.*$ - [L]
> ` ` `
>
> and now webdav has no problem with create/delete operation
One other thing, if you duplicate the RewriteCond above these rules, they should work as well.
something like:
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/webdav
RewriteRule ^typo3$ - [L]
RewriteCond %{REQUEST_URI} !^/webdav
RewriteRule ^typo3/.*$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteCond %{REQUEST_URI} !^/webdav
RewriteRule .* index.php
(as I understand it, RewriteCond ONLY apply to the next single RewriteRule. Perhaps there is a way to have a single condition apply to all rules and someone else will point it out)
--
An edge witch is one who makes her living on the edges, in that moment when boundary conditions apply - between life and death, light and dark, good and evil and, most dangerously of all, today and tomorrow. --The Thief of Time
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Re: .htaccess restricts write permission from webdav
Posted by "J. Bakshi" <jo...@infoservices.in>.
LuKreme wrote:
> On 3-Dec-2009, at 22:22, J. Bakshi wrote:
>
>
>> Options +FollowSymLinks
>>
>> RewriteEngine On
>> RewriteRule ^typo3$ - [L]
>> RewriteRule ^typo3/.*$ - [L]
>>
>> RewriteCond %{REQUEST_FILENAME} !-f
>> RewriteCond %{REQUEST_FILENAME} !-d
>> RewriteCond %{REQUEST_FILENAME} !-l
>>
>> RewriteCond %{REQUEST_URI} !^/webdav
>> RewriteRule .* index.php
>>
>
>
> Hmm. Could it be you have to exempt the webdav from ALL the rules, not just the REQUEST_FILENAME? I've got limited help to give, my configuration was different, so my condition was different.
>
> Try commenting out the typo3 rules for now and see if that changes the behavior. Beyond that, your guess is as good as mine.
>
>
LuKreme, you are a hero. Your assumption is working here. I have
omitted two lines
` ` `
RewriteRule ^typo3$ - [L]
RewriteRule ^typo3/.*$ - [L]
` ` `
and now webdav has no problem with create/delete operation :-) Though I have fond that creating a .htaccess or deleting it through webdav is not possible.
many many thanks
--
জয়দীপ বক্সী
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: .htaccess restricts write permission from webdav
Posted by LuKreme <kr...@kreme.com>.
On 3-Dec-2009, at 22:22, J. Bakshi wrote:
> Options +FollowSymLinks
>
> RewriteEngine On
> RewriteRule ^typo3$ - [L]
> RewriteRule ^typo3/.*$ - [L]
>
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteCond %{REQUEST_FILENAME} !-l
>
> RewriteCond %{REQUEST_URI} !^/webdav
> RewriteRule .* index.php
Hmm. Could it be you have to exempt the webdav from ALL the rules, not just the REQUEST_FILENAME? I've got limited help to give, my configuration was different, so my condition was different.
Try commenting out the typo3 rules for now and see if that changes the behavior. Beyond that, your guess is as good as mine.
--
BUGS: There is no conversion specification for the phase of the
moon." strftime(3) man page
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Re: .htaccess restricts write permission from webdav
Posted by "J. Bakshi" <jo...@infoservices.in>.
LuKreme wrote:
> On Dec 3, 2009, at 20:13, "J. Bakshi" <jo...@infoservices.in> wrote:
>
>> RewriteCond %{REQUEST_URI} !^webdav
>
> That's wrong.
>
> !^/webdav
>
> The / is part of the uri
Sorry for the mistake. I have corrected it but no luck :-( Here is my
complete .htacess once again
` ` `
Options +FollowSymLinks
RewriteEngine On
RewriteRule ^typo3$ - [L]
RewriteRule ^typo3/.*$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteCond %{REQUEST_URI} !^/webdav
RewriteRule .* index.php
` ` `
and here is my apache configuration to access webdav
` ` `
## webdav access
Alias /webdav/user1 /var/personal_work_area/user1
<Location /webdav/user1 >
DAV On
ForceType text/plain
SSLRequireSSL
AuthType Basic
AuthName "Personal work area"
AuthUserFile /home/svn/PASSWD
Require user user1
</Location>
` ` `
--
জয়দীপ বক্সী
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: .htaccess restricts write permission from webdav
Posted by LuKreme <kr...@kreme.com>.
On Dec 3, 2009, at 20:13, "J. Bakshi" <jo...@infoservices.in> wrote:
> RewriteCond %{REQUEST_URI} !^webdav
That's wrong.
!^/webdav
The / is part of the uri
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Re: .htaccess restricts write permission from webdav
Posted by "J. Bakshi" <jo...@infoservices.in>.
LuKreme wrote:
> On 2-Dec-2009, at 22:36, J. Bakshi wrote:
>
>> RewriteEngine On
>> RewriteRule ^typo3$ - [L]
>> RewriteRule ^typo3/.*$ - [L]
>>
>
>
> I just went through this with wordpress. You have to exempt webdav from all the rewrites.
>
> On 25-Nov-2009, at 11:15, LuKreme wrote:
>
>> I modified the htaccess file hoping I could eliminate the webdav issue. My webdav mount is webdav.example.com, so I did this:
>>
>> <IfModule mod_rewrite.c>
>> RewriteEngine On
>> RewriteBase /
>> RewriteCond %{REQUEST_FILENAME} !-f
>> RewriteCond %{REQUEST_FILENAME} !-d
>> RewriteCond %{HTTP_HOST} !^webdav
>> RewriteRule . /index.php [L]
>> RewriteRule ^u/([0-9]+)$ wp-content/plugins/short-url-plugin/u.php?$1|$2
>> </IfModule>
>>
>> That has fixed the problem and it is now possible to access the entire web space via wedbav.
>>
>
> the RewriteCond ${HTTP_HOST} is the line that did it. If your webdav is
>
> http://www.example.com/webdav then something like
>
> RewriteCond %{REQUEST_URI} !^webdav
>
> should work
>
>
Hello LuKreme,
Thanks for your response. I have also tried the wordpress technique at
first place but didn't get any success. I accessed webdav by
https://192.168.1.1/webdav/user1
I placed the rule in .htaccess
` ` `
RewriteCond %{REQUEST_URI} !^webdav
` ` `
before "RewriteRule .* index.php" but no luck :-(
--
জয়দীপ বক্সী
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org