Wong Liang Zan

Wong Liang Zan

© 2020

How to configure WebDAV using Apache on Ubuntu

WebDAV is an extension of the HTTP protocol that allows users to manage files on servers. There are many ways to manage files on a remote server. WebDAV has several benefits over other solutions such as FTP or Samba. In this article, we will go through how to configure your Apache server on Ubuntu 14.04 to allow native WebDAV access from Windows, Mac and Linux with authentication.

Why WebDAV?

WebDAV offers several advantages.

  • Native integration on all major OSes(Windows, Mac, Linux). There is no need to install third party software to use WebDAV.

  • Supports partial transfers.

  • More choices for authentication. Being on HTTP means NTLM, Kerberos, LDAP, etc are possible.

Depending on your situation, WebDAV may be the best solution for your needs.

Why Apache?

There are many web servers around that supports WebDAV on Linux. However, Apache has the most compliant implementation of the WebDAV protocol out there. At the time in writing, WebDAV on Nginx and Lighttpd work but only partially.

Install Apache

Let us get Apache installed.

sudo apt-get update
sudo apt-get install apache2

The Apache web server should be installed and running.

Setting up WebDAV

There are 3 steps to set up WebDAV. We designate a location, enable the necessary modules and configure it.

Step 1: Preparing the directories

We need to designate a folder for serving WebDAV. We are creating a new directory in /var/www for that. You will also need to change the owner to www-data(or whichever your Apache user is) in order to allow Apache to write to it.

sudo mkdir /var/www/webdav
sudo chown www-data:www-data /var/www/

Step 2: Enabling modules

Next we enable the modules using a2enmod

sudo a2enmod dav
sudo a2enmod dav_fs

The Apache modules are found under /etc/apache2/modules-available. This creates a symbolic link from /etc/apache2/modules-available to /etc/apache2/modules-enabled.

Configuration

We open the configuration file at /etc/apache2/sites-available/000-default.conf using your favorite text editor. Add the following configuration.

DavLockDB /var/www/DavLock

<VirtualHost *:80>
    Alias /webdav /var/www/webdav

    <Directory /var/www/webdav>
        DAV On
    </Directory>
</VirtualHost>

The DavLockDB directive designates the name of the DAV Lock database. It should be a path to a file. The file does not need to be created. The directory should be writeable by the Apache server.

The Alias directive maps requests to http://your.server/webdav to the /var/www/webdav folder.

The Directory directive tells Apache to enable WebDAV for the /var/www/webdav folder. You can find out more about mod_dav from the Apache docs.

If you restart the Apache server, you will have a working WebDAV server without authentication.

Restart the Apache server like this

sudo service apache2 restart

The WebDAV server should be found at __http:///webdav__. Try logging in without any credentials.

Adding authentication

A WebDAV server without authentication is not secure. In this section we’ll add authentication to your WebDAV server. There are many authentication schemes available. We are only going to touch on the 2 simplest schemes: Basic and Digest authentication.

Which to use? Basic or Digest authentication?

Take a look at this table which illustrates the compatibility of the various authentication schemes on different operating systems. Note that if you are serving HTTPS, we are assuming your ssl cert is valid(not self-signed).

WebDAV compatibility

If you are using HTTP, use Digest authentication as it will work on all operating systems. If you are using HTTPS, you have the option of using Basic authentication.

We’re going to cover the Digest authentication version since it works on all the operating systems without the need for a SSL cert.

Digest authentication

Let us generate the file(called users.password) that stores the password for the users. In Digest authentication, there is the realm field which acts as a namespace for the users. We will use webdav as our realm. Our first user will be called alex.

To generate the digest file, we have to install the dependencies.

sudo apt-get install apache2-utils

After that, we generate the file.

sudo htdigest -c /etc/apache2/users.password webdav alex

There should be a password prompt for the password of alex.

For subsequent addition of users, you should remove the c flag. Another example adding a user called bob.

sudo htdigest /etc/apache2/users.password webdav bob

We also need to allow Apache to read it. So we change the owner of the file.

sudo chown www-data:www-data /etc/apache2/users.password

After the password file is created, we should make changes to the configuration at /etc/apache2/sites-available/000-default.conf.

DavLockDB /var/www/DavLock

<VirtualHost *:80>
    Alias /webdav /var/www/webdav

    <Directory /var/www/webdav>
        DAV On
        AuthType Digest
        AuthName "webdav"
        AuthUserFile /etc/apache2/users.password
	Require valid-user
    </Directory>
</VirtualHost>

The mod_authn module contains the definitions for the authentication directives. In essence, we instruct Apache that for the /var/www/webdav directory, there should be authentication using the Digest scheme. The realm should be called webdav. Find the password from the file at /etc/apache2/users.password. Only valid users who authenticate themselves is able to acess that directory.

Finally, enable the digest module and restart the server for the settings to take effect.

sudo a2enmod auth_digest
sudo service apache2 restart

Testing it

We’ll demonstrate how to access your WebDAV server from the native file browsers of Mac, Windows and Linux(Ubuntu).

Mac

On Mac, open Finder. On the menu bar, find Go and select the option Connect to Server.

WebDAV Mac Step 1

Enter the server address. It should be __http:///webdav__. Press __Connect__.

WebDAV Mac Step 2

You will be prompted for a username and pssword. Enter them and press Connect.

WebDAV Mac Step 3

Once you have connected, the directory should appear in Finder.

WebDAV Mac Step 4

Windows

On Windows, open File Explorer. On the left sidebar, you should find the Network icon.

WebDAV Windows Step 1

Right click on the Network icon. It should show the context menu with the option Map network drive. Click on that.

WebDAV Windows Step 2

Enter the server address in the folder field. It should be __http:///webdav__. Select the __Connect using different credentials__ if your login is different. Press __Finish__.

WebDAV Windows Step 3

You will be prompted for a username and password. Enter them and press OK.

WebDAV Windows Step 4

Once you have connected, it should appear as a network drive on the left sidebar of your File Explorer.

WebDAV Windows Step 5

Linux(Ubuntu)

We are using Ubuntu 14.04 as our Linux desktop operating system. On Ubuntu, open Files. THere is a Connect to Server option on the left sidebar. Click on that.

WebDAV Linux Step 1

Enter the server address. It should be __dav:///webdav__. Press __Connect__.

WebDAV Linux Step 2

You will be prompted for a username and password. Enter them and press Connect.

WebDAV Linux Step 3

Once you have connected, the directory should appear under the Network listing.

WebDAV Linux Step 4

Conclusion

In this article, we have gone through how to set up a WebDAV server using Apache on Ubuntu 14.04. We have also discussed how to configure Digest authentication to secure the server. Lastly, we have shown you how to connect to the WebDAV server from all 3 major operating systems using their native file browsers.