WebDAV overview

Web-based Distributed Authoring and Versioning (WebDAV) is an extension to the HTTP protocol which allows users to collaboratively edit and manage files on remote web servers. The World Wide Web, as conceived by Tim Berners-Lee, was always intended to be a readable and writable medium. However, as the web grew it became a largely read-only medium. WebDAV has emerged as a way to restore that functionality.


If you'd like to access your WebDAV directory over a secure connection, you must purchase an SSL certificate. Visit the following article for further details:

User access

The DreamHost panel allows you to specify which users have access to a WebDAV-enabled directory. However, by default, each user has full access to all files in the entire directory. This may not be an issue with a very simple WebDAV directory, but as the WebDAV directory grows in users, certain problems may arise. For example:

  • There is no file-level security.
– Users can potentially overwrite edits by another user and even delete another user's file.
– Any files intended to be private are viewable by all users of the folder.
  • User management cannot be done automatically (e.g., no adding users via PHP scripts).

The best solution is to specify access levels (Access-Control-Lists) on a per-folder (or maybe even per-file) basis. As the user count grows, you can then manage the users and passwords list automatically using scripts.

This can be done by creating/editing an .htaccess file placed in every folder where you want to make an exception.

Enabling WebDAV on an entire domain, not just a sub-folder

Creating the WebDAV directory in your DreamHost panel does not allow you to apply WebDAV to an entire domain – it only works on the specific subdirectory. However, using an .htaccess file, you can make it so WebDAV works when visiting the site's URL without the subdirectory.

WebDAV uses it's own .htaccess and .htpassword file which are controlled by the WebDAV interface and may not always be visible. This may cause "abnormal" behavior in certain instances, such as creating a WebDAV directory off of your domain's root directory (e.g., http://example.com/webdav/). It is suggested that if you're creating a WebDAV directory, you ensure that the target WebDAV (as well as it's parent) are reasonably isolated from your main site.

  1. Visit the (Panel > 'Goodies' > 'Htaccess/WebDAV') page to set up a directory with WebDAV enabled.
    • For the rest of these steps, it's assumed that the directory is called "site".
  2. If you already have any data or directories you want to include in the new WebDAV site, connect to your new WebDAV share and upload them. The URL of your WebDAV share should be something like http://example.com/site/.
    • Don't worry about modifying the links within your pages – they will still work exactly the same way they currently do.
    The remaining steps help you create an .htaccess file so that rewrite requests to http://example.com use the data stored in http://example.com/site/:
  3. In the main folder for your domain, create a file called ".htaccess". Make sure you include the period at the start.
  4. Put the following text into the file:
    RewriteEngine on
     RewriteCond %{REQUEST_URI} !site/
     RewriteRule ^(.*)$ /site/$1
  5. If you have directories that you don't want to be under WebDAV control, add additional RewriteCond lines like the one for "sites". For example, if you don't want the directory "scripts" to be rewritten, then add the following:
    RewriteCond %{REQUEST_URI} !scripts/

When you now visit http://example.com/ you should actually be sent the data from http://example.com/site/, but your URLs will look exactly the same as they did before.


WebDAV and mod_rewrite

Certain software such as WordPress and Joomla put rewrite directives in your site’s base directory, even when installed to a subdirectory. This could possibly interfere with WebDAV access. If so, modify the base .htaccess as follows. Before each RewriteRule add:

RewriteCond %{REQUEST_URI} !/webdavdir
where webdavdir is the directory you want WebDAV access to. For multiple directories, put them in parentheses separated by pipes, like so:
RewriteCond %{REQUEST_URI} !/(webdavdir1|webdavdir2|webdavdir3)

Editing files normally pre-processed by the web server

One problem with WebDAV is that it does not allow you to edit the source of server processed files, including PHP, shtml, Perl, and so on. This is because it uses the same command to "GET" the file as your web browser. The webserver has no way of knowing to not process the PHP file and give you the output instead of the source code.

Adding this line to your .htaccess file disables all processing:

SetHandler default-handler

This forces .php files to show their source, including any passwords you have coded in. You will need to change the permissions on your .htaccess file to edit it. Any changes made to this file will be overwritten if you make any changes in the panel to your htaccess/webdav options.

You could also append .txt to the end of any file to force it to read as a normal text file. For example, change test.php to test.php.txt.

See also

Internal links

External links