WebDAV overview

Overview

Web-based Distributed Authoring and Versioning (WebDAV) is an extension to the HTTP protocol which allows users to collaboratively edit and manage files on remote web servers. The World Wide Web, as conceived by Tim Berners-Lee, was always intended to be a readable and writable medium. However, as the web grew it became a largely read-only medium. WebDAV has emerged as a way to restore that functionality.

No access to your .htaccess and .htpasswd files

The instructions in this article create an .htaccess and .htpasswd files which will be owned by the server. This means you will not be able to manually edit either of these files if you need to. Additionally, these instructions will overwrite any existing .htaccess file. Make sure to backup your existing .htaccess file before beginning these steps.

If you only need to password protect your site and will need access to your .htaccess and .htpasswd file at any time in the future, you should follow the directions in the following article instead. 

These instructions walk you through how to manually create your .htaccess and .htpasswd file.

HTTPS

If you'd like to access your WebDAV directory over a secure connection, you must purchase an SSL certificate. Visit the following article for further details:

User access

The DreamHost panel allows you to specify which users have access to a WebDAV-enabled directory. However, by default, each user has full access to all files in the entire directory. This may not be an issue with a very simple WebDAV directory, but as the WebDAV directory grows in users, certain problems may arise. For example:

  • There is no file-level security.
– Users can potentially overwrite edits by another user and even delete another user's file.
– Any files intended to be private are viewable by all users of the folder.
  • User management cannot be done automatically (e.g., no adding users via PHP scripts).

The best solution is to specify access levels (Access-Control-Lists) on a per-folder (or maybe even per-file) basis. As the user count grows, you can then manage the users and passwords list automatically using scripts.

This can be done by creating/editing an .htaccess file placed in every folder where you want to make an exception.

Enabling WebDAV on an entire domain, not just a sub-folder

Creating the WebDAV directory in your DreamHost panel does not allow you to apply WebDAV to an entire domain – it only works on the specific subdirectory. However, using an .htaccess file, you can make it so WebDAV works when visiting the site's URL without the subdirectory.

WebDAV uses it's own .htaccess and .htpasswd file which are controlled by the WebDAV interface and may not always be visible. This may cause "abnormal" behavior in certain instances, such as creating a WebDAV directory off of your domain's root directory (e.g., https://example.com/webdav/). It is suggested that if you're creating a WebDAV directory, you ensure that the target WebDAV (as well as its parent) are reasonably isolated from your main site.

  1. Visit the Htaccess/WebDAV page to set up a directory with WebDAV enabled.
    • For the rest of these steps, it's assumed that the directory is called "site".
  2. If you already have any data or directories you want to include in the new WebDAV site, connect to your new WebDAV share and upload them. The URL of your WebDAV share should be something like https://example.com/site/.
    • Don't worry about modifying the links within your pages – they will still work exactly the same way they currently do.
    The remaining steps help you create an .htaccess file so that rewrite requests to https://example.com use the data stored in https://example.com/site/:
  3. In the main folder for your domain, create a file called .htaccess. Make sure you include the period at the start.
  4. Put the following text into the file:
    RewriteEngine on
    RewriteCond %{REQUEST_URI} !site/
    RewriteRule ^(.*)$ /site/$1
    
    • The first line turns on rewriting.
    • The second line tells the webserver not to rewrite https://example.com/site/.
    • The third line tells the webserver to rewrite all requests to https://example.com/ to use the data from https://example.com/site/.
  5. If you have directories that you don't want to be under WebDAV control, add additional RewriteCond lines like the one for "site". For example, if you don't want the directory "scripts" to be rewritten, then add the following:
    RewriteCond %{REQUEST_URI} !scripts/
    

When you now visit https://example.com/ you should actually be sent the data from https://example.com/site/, but your URLs will look exactly the same as they did before.

Troubleshooting

WebDAV and mod_rewrite

Certain software such as WordPress and Joomla put Rewrite directives in your site’s base directory, even when installed to a subdirectory. This could possibly interfere with WebDAV access. If so, modify the base .htaccess as follows. Before each RewriteRule add:

RewriteCond %{REQUEST_URI} !/webdavdir
where webdavdir is the directory you want WebDAV access to. For multiple directories, put them in parentheses separated by pipes, like so:
RewriteCond %{REQUEST_URI} !/(webdavdir1|webdavdir2|webdavdir3)

Editing files normally pre-processed by the web server

One problem with WebDAV is that it does not allow you to edit the source of server processed files, including PHP, shtml, Perl, and so on. This is because it uses the same command to "GET" the file as your web browser. The webserver has no way of knowing to not process the PHP file and give you the output instead of the source code.

Adding this line to your .htaccess file disables all processing:

SetHandler default-handler

This forces .php files to show their source, including any passwords you have coded in. You will need to change the permissions on your .htaccess file to edit it. Any changes made to this file will be overwritten if you make any changes in the panel to your htaccess/webdav options.

You could also append .txt to the end of any file to force it to read as a normal text file. For example, change test.php to test.php.txt.

WebDAV extensions

DreamHost's WebDAV implementation does not support extensions, such as CalDAV. You may be able to implement these features using third-party software, but DreamHost support cannot assist with any installation or configuration issues.

See also

Did this article answer your questions?

Article last updated PST.

Still not finding what you're looking for?