讓 Webdav 工作
這是一個星期我試圖讓 webdav 在 Vhost 上工作但沒有任何成功……
這是我的設置:
Debian 9
Apache 2.4
Virtualmin 6.01
SuexecUserGroup "#1039" "#1038" ServerName dav.mydom.com DocumentRoot /home/dav/public_html ErrorLog /var/log/virtualmin/dav.mydom.com_error_log CustomLog /var/log/virtualmin/dav.mydom.com_access_log combined <Directory "/home/dav/public_html"> Options Indexes MultiViews AllowOverride None Require all granted </Directory> Alias /webdav /home/dav/public_html <location /webdav> Dav on AuthType Basic AuthBasicProvider file AuthName "WebDav" AuthUserFile /home/dav/public_html/.htpasswd <Limit GET PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK OPTIONS> Require valid-user </Limit> </location> ProxyPassMatch ^/(.*.php(/.*)?)$ fcgi://localhost:8005/home/dav/public_html/$1 RemoveHandler .php RemoveHandler .php7.0 php_admin_value engine Off
試圖用屍體測試它,我收到消息我什至無法輸入我的使用者名並通過
[matth@www ~]# cadaver http://dav.mydom.com/webdav/ Authentication required for WebDav on server `dav.mydom.com': Username: Authentication aborted! Could not open collection: Could not authenticate to server: rejected Basic challenge dav:/webdav/?
我還通過創建 .netrc 通行證來自動進行身份驗證進行測試,但我很好:
[matth@www ~]# cadaver https://dav.mydom.com/webdav Could not access /webdav/ (not WebDAV-enabled?): 405 Method Not Allowed Connection to `db.ducorporation.com' closed. dav:!>
訪問日誌
s.r.c.ip - - [18/Jan/2018:04:03:29 +0100] "OPTIONS /test.txt HTTP/1.1" 200 4236 "-" "Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/57.0" s.r.c.ip - - [18/Jan/2018:04:03:30 +0100] "HEAD /test.txt HTTP/1.1" 200 620 "https://app.dom.com/" "Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/57.0" s.r.c.ip - - [18/Jan/2018:04:03:31 +0100] "OPTIONS /test.txt HTTP/1.1" 200 1146 "-" "Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/57.0" s.r.c.ip - - [18/Jan/2018:04:03:32 +0100] "HEAD /test.txt HTTP/1.1" 200 620 "https://app.dom.com/" "Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/57.0" s.r.c.ip - - [18/Jan/2018:04:03:32 +0100] "OPTIONS /test.txt HTTP/1.1" 200 1146 "-" "Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/57.0" s.r.c.ip - - [18/Jan/2018:04:03:33 +0100] "PUT /test.txt HTTP/1.1" 405 938 "https://app.dom.com/" "Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/57.0"
error.log為空
使用 suexec,我確保 Apache 在正確的使用者下執行,並且在身份驗證後,對任何文件的訪問也可以從 Web 瀏覽器工作。
還經過測試
不使用
location
但directory
禁用目錄索引
Auth none/Digest/Basic
DocumentRoot 路徑上的 Webdav 文件夾以及子文件夾
將 public_html 文件夾的所有權更改為 apache 使用者 - 我不做的其他事情不記得了
通過所有這些測試,我得到了同樣的錯誤
使用 Firefox/litmus/cadaver/webdav 客戶端應用程序完成了我的測試使用 Firefox 和 webdav 應用程序,我可以讀取和下載文件,但不能編輯
PUT
獲取405 error
(意思PUT
是不允許的,但在我的<Limit>
部分允許)使用 litmus/屍體至今沒機會做任何事……希望我足夠清楚
任何輸入將不勝感激
編輯:添加了 apache 日誌
馬修
這是我最終設法使其工作的方法:
此配置適用於SSL vhost 的 Apache 2.4,HTTP重定向到SSL。
我必須設置一個專用文件夾,其中 Apache 使用者具有專用的讀/寫訪問權限。
為了更安全,我希望 Apache 以特定使用者身份執行,但今天似乎最簡單的方法是使用
MPM-ITK
顯然與MPM-Prefork
我現在使用的模組不兼容的方法。一旦我了解了從
MPM-Prefork``MPM-ITK
遷移的後果,我會嘗試一下。歡迎對安全改進提出任何意見!
Header always set Access-Control-Allow-Origin "*" Header always set Access-Control-Allow-Headers "origin, content-type, cache-control, accept, authorization, if-match, destination, overwrite" Header always set Access-Control-Expose-Headers "ETag" Header always set Access-Control-Allow-Methods "GET, HEAD, POST, PUT, OPTIONS, MOVE, DELETE, COPY, LOCK, UNLOCK" Header always set Access-Control-Allow-Credentials "true" RewriteEngine On RewriteCond %{REQUEST_METHOD} OPTIONS RewriteRule ^(.*)$ blank.html [R=200,L,E=HTTP_ORIGIN:%{HTTP:ORIGIN}] ServerName my.domain.com DocumentRoot /home/www/public_html ErrorLog /var/log/virtualmin/my.domain.com_error_log CustomLog /var/log/virtualmin/my.domain.com_access_log combined DavLockDB /home/www/public_html/DavLock <Directory /home/www/public_html> RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://my.domain.com/$1 [R,L] Options Indexes MultiViews SymLinksIfOwnerMatch AllowOverride None Require all granted </Directory> Alias /webdav /home/www/public_html <Location "/webdav"> Dav on DirectoryIndex none AuthType Basic AuthBasicProvider file AuthUserFile /home/www/public_html/.htpasswd AuthName "WebDav" <Limit GET HEAD POST PUT OPTIONS MOVE DELETE COPY LOCK UNLOCK> Require valid-user </Limit> <Limit OPTIONS> Require all granted </Limit> DavDepthInfinity off </Location> SSLEngine on SSLCertificateFile /home/my/ssl.cert SSLCertificateKeyFile /home/my/ssl.key SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLCACertificateFile /home/my/ssl.ca RemoveHandler .php RemoveHandler .php7.0 php_admin_value engine Off RedirectMatch ^/(?!webdav) "https://my.domain.com/webdav"