Monday, November 3, 2014

apache 2.2 - WebDAV on CentOS - getting 403 error when attempt to upload



I configured Apache2 to allow WebDav on a directory (CentOS 5 / Plesk 8.6):




  • WebDav is enabled in httpd.conf

  • /var/lib/dav/lockdb is writeable by Apache


  • My target dir is chmod 777

  • My target dir is chowned apache:psacln

  • using Basic Authentication (setup by Plesk interface)



in my vhost.conf I have:





        Dav On

    AllowOverride none
        Order allow,deny
        Allow from all



I can connect to the directory using authentication fine and download files from it. But I cannot write to the dir. I get a 403 Error when I attempt to upload or create a dir.



Anyone have any tips?




Thanks in advance -



Update - 6/5 Using the comments below I've isolated the issue to being some type of conflict with .htpasswd protected directories. I can created an unprotected dir and enable WebDAV uploads fine. But once I enable Basic Auth on the directory everything goes south. I can read but no longer upload.



This is my vhost.conf:





        AuthUserFile /var/www/.htpasswd
        AuthName "Login"

        AuthType Basic
        Require valid-user

        DAV on
    AllowOverride none
        
                Require valid-user





Update 6/6



Was able to get WebDAV working on a different domain with minimal effort. The only difference between the two domains is that in the one which refuses to allow write access I have a DocumentRoot directive:




    DocumentRoot /var/www/vhosts/domain.com/httpdocs/app/webroot



Might this be causing some problems?


Answer



I recently struggled with the same problem on my Fedora 10 system. In my case the culprit was some odd redirection that I was doing in Apache. Specifically, I use a content management system (Drupal, to be exact) that within it's .htaccess includes the following redirection logic to redirect missing files to a PHP script:



# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]



It makes sense that the above only affects the PUT method since in that case REQUEST_FILENAME does not exist.



Not having the WebDAV area inside of the Drupal area, which seems like a reasonable constraint, fixes the problem.



Also, I think it is likely that SELinux would result in a different error, but it's not mentioned in the discussion above. Did you try disabling SELinux?


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...