You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by "J. Bakshi" <jo...@infoservices.in> on 2009/12/03 06:36:19 UTC

[users@httpd] .htaccess restricts write permission from webdav

Hello list,

I am facing a strange problem with webdav caused by .htaccess !!!  I am running debian lenny server with apache2

` ` `
Server version: Apache/2.2.9 (Debian)
Server built:   Jul 14 2009 20:44:04
` ` `

with  dav and dav_fs enabled.  webdav is used here to modify/publish sites in apache htdocs folder. webdav is running well and it also creates and deletes file/folder with out any problem. The problem starts as soon as I place .htaccess file inside a folder (website). webdav can't publish anything there!!! It generates error as below from client pc

` ` '
touch 123
touch: cannot touch `123': Input/output error

mkdir 123
mkdir: cannot create directory `123': No such file or directory
 ` ` `

windows client simply throws error as permission denied. 

My webdav configuration is

 ` ` `
## webdav access

Alias /webdav/user1 /var/personal_work_area/user1

      <Location /webdav/user1>
           DAV On
           ForceType text/plain
            SSLRequireSSL
            AuthType Basic
           AuthName "user1's webdav"
           AuthUserFile  /home/svn/PASSWD
           Require user user1

       </Location>
` ` `

and .htaccess is

` ` `
Options +FollowSymLinks

RewriteEngine On
RewriteRule ^typo3$ - [L]
RewriteRule ^typo3/.*$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule .* index.php
` ` `

as soon as I delete .htaccess ( from the server) webdav has no problem to create/delete files/folders.

Does any one know why .htaccess prevents  write access from webdav ?

Thanks

-- 
জয়দীপ বক্সী


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

[users@httpd] Re: .htaccess restricts write permission from webdav

Posted by LuKreme <kr...@kreme.com>.

On 6-Dec-2009, at 20:15, J. Bakshi wrote:
> Though I have fond that creating a .htaccess or deleting it through webdav is not possible.


Usually apache is setup to refuse to serve .ht* files for security reasons. If this is not the case, there's no reason the htaccess file should not be available via webdav.

The block usually looks something like this in httpd.conf:

<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy All
</Files>

Now, exposing the innards of the .htaccess of especially .htpasswd files like this is certainly risky, so I wouldn't do it.

-- 
Oh, he's just like any other man, only more so.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Re: .htaccess restricts write permission from webdav

Posted by "J. Bakshi" <jo...@infoservices.in>.

LuKreme wrote:
> On 6-Dec-2009, at 20:15, J. Bakshi wrote:
>   
>> RewriteRule ^typo3$ - [L]
>> RewriteRule ^typo3/.*$ - [L]
>> ` ` `
>>
>> and now webdav has no problem with create/delete operation
>>     
>
>
> One other thing, if you duplicate the RewriteCond above these rules, they should work as well.
>
> something like:
>
> Options +FollowSymLinks
>
> RewriteEngine On
> RewriteCond %{REQUEST_URI} !^/webdav
> RewriteRule ^typo3$ - [L]
>
> RewriteCond %{REQUEST_URI} !^/webdav
> RewriteRule ^typo3/.*$ - [L]
>
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteCond %{REQUEST_FILENAME} !-l
> RewriteCond %{REQUEST_URI} !^/webdav
> RewriteRule .* index.php
>
> (as I understand it, RewriteCond ONLY apply to the next single RewriteRule. Perhaps there is a way to have a single condition apply to all rules and someone else will point it out)
>
>   

Hello LuKreme,

thanks once again for the configuration :-) I'll definitely give it a
try. Thanks for the clarification.
wish you a great day.


-- 
জয়দীপ বক্সী


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

[users@httpd] Re: .htaccess restricts write permission from webdav

Posted by LuKreme <kr...@kreme.com>.

On 6-Dec-2009, at 20:15, J. Bakshi wrote:
> RewriteRule ^typo3$ - [L]
> RewriteRule ^typo3/.*$ - [L]
> ` ` `
> 
> and now webdav has no problem with create/delete operation


One other thing, if you duplicate the RewriteCond above these rules, they should work as well.

something like:

Options +FollowSymLinks

RewriteEngine On
RewriteCond %{REQUEST_URI} !^/webdav
RewriteRule ^typo3$ - [L]

RewriteCond %{REQUEST_URI} !^/webdav
RewriteRule ^typo3/.*$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteCond %{REQUEST_URI} !^/webdav
RewriteRule .* index.php

(as I understand it, RewriteCond ONLY apply to the next single RewriteRule. Perhaps there is a way to have a single condition apply to all rules and someone else will point it out)

-- 
An edge witch is one who makes her living on the edges, in that moment when boundary conditions apply - between life and death, light and dark, good and evil and, most dangerously of all, today and tomorrow. --The Thief of Time


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Re: .htaccess restricts write permission from webdav

Posted by "J. Bakshi" <jo...@infoservices.in>.

LuKreme wrote:
> On 3-Dec-2009, at 22:22, J. Bakshi wrote:
>
>   
>> Options +FollowSymLinks
>>
>> RewriteEngine On
>> RewriteRule ^typo3$ - [L]
>> RewriteRule ^typo3/.*$ - [L]
>>
>> RewriteCond %{REQUEST_FILENAME} !-f
>> RewriteCond %{REQUEST_FILENAME} !-d
>> RewriteCond %{REQUEST_FILENAME} !-l
>>
>> RewriteCond %{REQUEST_URI} !^/webdav
>> RewriteRule .* index.php
>>     
>
>
> Hmm. Could it be you have to exempt the webdav from ALL the rules, not just the REQUEST_FILENAME? I've got limited help to give, my configuration was different, so my condition was different.
>
> Try commenting out the typo3 rules for now and see if that changes the behavior. Beyond that, your guess is as good as mine.
>
>   

LuKreme, you are a hero.  Your assumption is working here. I have
omitted two lines

` ` `

RewriteRule ^typo3$ - [L]
RewriteRule ^typo3/.*$ - [L]
` ` `

and now webdav has no problem with create/delete operation :-)  Though I have fond that creating a .htaccess or deleting it through webdav is not possible.

many many thanks 



-- 
জয়দীপ বক্সী


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

[users@httpd] Re: .htaccess restricts write permission from webdav

Posted by LuKreme <kr...@kreme.com>.

On 3-Dec-2009, at 22:22, J. Bakshi wrote:

> Options +FollowSymLinks
> 
> RewriteEngine On
> RewriteRule ^typo3$ - [L]
> RewriteRule ^typo3/.*$ - [L]
> 
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteCond %{REQUEST_FILENAME} !-l
> 
> RewriteCond %{REQUEST_URI} !^/webdav
> RewriteRule .* index.php


Hmm. Could it be you have to exempt the webdav from ALL the rules, not just the REQUEST_FILENAME? I've got limited help to give, my configuration was different, so my condition was different.

Try commenting out the typo3 rules for now and see if that changes the behavior. Beyond that, your guess is as good as mine.

-- 
BUGS: There is no conversion specification for the phase of the
	moon." strftime(3) man page


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Re: .htaccess restricts write permission from webdav

Posted by "J. Bakshi" <jo...@infoservices.in>.

LuKreme wrote:
> On Dec 3, 2009, at 20:13, "J. Bakshi" <jo...@infoservices.in> wrote:
>
>> RewriteCond %{REQUEST_URI} !^webdav
>
> That's wrong.
>
> !^/webdav
>
> The / is part of the uri

Sorry for the mistake. I have corrected it but no luck :-(  Here is my
complete .htacess once again

` ` `
Options +FollowSymLinks

RewriteEngine On
RewriteRule ^typo3$ - [L]
RewriteRule ^typo3/.*$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l

RewriteCond %{REQUEST_URI} !^/webdav
RewriteRule .* index.php
` ` `
 and here is my apache configuration to access webdav

` ` `
## webdav access

Alias /webdav/user1   /var/personal_work_area/user1

      <Location /webdav/user1 >
           DAV On
           ForceType text/plain
           SSLRequireSSL
           AuthType Basic
           AuthName "Personal work area"
           AuthUserFile  /home/svn/PASSWD
           Require user user1
       </Location>

` ` `

-- 
জয়দীপ বক্সী


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

[users@httpd] Re: .htaccess restricts write permission from webdav

Posted by LuKreme <kr...@kreme.com>.

On Dec 3, 2009, at 20:13, "J. Bakshi" <jo...@infoservices.in> wrote:

> RewriteCond %{REQUEST_URI} !^webdav

That's wrong.

!^/webdav

The / is part of the uri

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Re: .htaccess restricts write permission from webdav

Posted by "J. Bakshi" <jo...@infoservices.in>.

LuKreme wrote:
> On 2-Dec-2009, at 22:36, J. Bakshi wrote:
>   
>> RewriteEngine On
>> RewriteRule ^typo3$ - [L]
>> RewriteRule ^typo3/.*$ - [L]
>>     
>
>
> I just went through this with wordpress. You have to exempt webdav from all the rewrites.
>
> On 25-Nov-2009, at 11:15, LuKreme wrote:
>   
>> I modified the htaccess file hoping I could eliminate the webdav issue. My webdav mount is webdav.example.com, so I did this:
>>
>> <IfModule mod_rewrite.c>
>> RewriteEngine On
>> RewriteBase /
>> RewriteCond %{REQUEST_FILENAME} !-f
>> RewriteCond %{REQUEST_FILENAME} !-d
>> RewriteCond %{HTTP_HOST} !^webdav
>> RewriteRule . /index.php [L]
>> RewriteRule ^u/([0-9]+)$ wp-content/plugins/short-url-plugin/u.php?$1|$2
>> </IfModule>
>>
>> That has fixed the problem and it is now possible to access the entire web space via wedbav.
>>     
>
> the RewriteCond ${HTTP_HOST} is the line that did it. If your webdav is
>
> http://www.example.com/webdav then something like
>
> RewriteCond %{REQUEST_URI} !^webdav
>
> should work
>
>   

Hello LuKreme,

Thanks for your response. I have also tried the wordpress technique at
first place but didn't get any success. I accessed webdav by
https://192.168.1.1/webdav/user1

I placed the rule in .htaccess

` ` `
RewriteCond %{REQUEST_URI} !^webdav
` ` `
before  "RewriteRule .* index.php" but no luck :-(



-- 
জয়দীপ বক্সী


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

[users@httpd] Re: .htaccess restricts write permission from webdav

Posted by LuKreme <kr...@kreme.com>.

On 2-Dec-2009, at 22:36, J. Bakshi wrote:
> RewriteEngine On
> RewriteRule ^typo3$ - [L]
> RewriteRule ^typo3/.*$ - [L]


I just went through this with wordpress. You have to exempt webdav from all the rewrites.

On 25-Nov-2009, at 11:15, LuKreme wrote:
> I modified the htaccess file hoping I could eliminate the webdav issue. My webdav mount is webdav.example.com, so I did this:
> 
> <IfModule mod_rewrite.c>
> RewriteEngine On
> RewriteBase /
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteCond %{HTTP_HOST} !^webdav
> RewriteRule . /index.php [L]
> RewriteRule ^u/([0-9]+)$ wp-content/plugins/short-url-plugin/u.php?$1|$2
> </IfModule>
> 
> That has fixed the problem and it is now possible to access the entire web space via wedbav.

the RewriteCond ${HTTP_HOST} is the line that did it. If your webdav is

http://www.example.com/webdav then something like

RewriteCond %{REQUEST_URI} !^webdav

should work

-- 
"I program Windows - of course it isn't safe." - Meski


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] .htaccess restricts write permission from webdav

Posted by André Warnier <aw...@ice-sa.com>.

J. Bakshi wrote:
> 
> windows client simply throws error as permission denied. 
> 
...
> 
> Does any one know why .htaccess prevents  write access from webdav ?
> 
Hi.
I am not saying that this /is/ your problem, but you should be aware of 
the fact that all DAV client implementations in Windows are notoriously 
buggy and unreliable.
Search Google for this : windows +dav +miniredirector
to get an idea of the dimension of the problem.

We use "web folders" heavily in our own applications.  We have learned 
by experience that, depending on the version of Windows, the patches 
applied, whether or not there is MS-Office installed, etc.. the 
behaviour of the webfolders <-> Apache DAV dialog is quite variable.
All in all, this is quite frustrating, and can be very time-consuming to 
track down precisely.
Since you can probably never insure that all client workstations have 
exactly the same versions, basically these different behaviours will 
always hit you.
To avoid this kind of trouble, try to keep the interface as basic as 
possible.
If a .htaccess does not work, try for example to set up the same access 
rules outside of a .htaccess file, e.g. in your server config inside of 
a <Location> section.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] .htaccess restricts write permission from webdav

Posted by Nick Kew <ni...@webthing.com>.

On 3 Dec 2009, at 05:36, J. Bakshi wrote:

> Hello list,
> 
> I am facing a strange problem with webdav caused by .htaccess !!!  

Don't.  DAV configuration isn't just a map of URL-space to
native-filesystem-space, which is why you need to configure
it in URL-space.  Anything in filesystem-space is sure to
produce counterintuitive results.

-- 
Nick Kew

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org