.htaccess restricts write permission from webdav

Hello list,

I am facing a strange problem with webdav caused by .htaccess !!! I am running debian lenny server with apache2

` ` `
Server version: Apache/2.2.9 (Debian)
Server built: Jul 14 2009 20:44:04
` ` `

with dav and dav_fs enabled. webdav is used here to modify/publish sites in apache htdocs folder. webdav is running well and it also creates and deletes file/folder with out any problem. The problem starts as soon as I place .htaccess file inside a folder (website). webdav can't publish anything there!!! It generates error as below from client pc

` ` '
touch 123
touch: cannot touch `123': Input/output error

mkdir 123
mkdir: cannot create directory `123': No such file or directory
` ` `

windows client simply throws error as permission denied.

My webdav configuration is

` ` `
## webdav access

Alias /webdav/user1 /var/personal_work_area/user1


DAV On
ForceType text/plain
SSLRequireSSL
AuthType Basic
AuthName "user1's webdav"
AuthUserFile /home/svn/PASSWD
Require user user1


` ` `

and .htaccess is

` ` `
Options +FollowSymLinks

RewriteEngine On
RewriteRule ^typo3$ - [L]
RewriteRule ^typo3/.*$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule .* index.php
` ` `

as soon as I delete .htaccess ( from the server) webdav has no problem to create/delete files/folders.

Does any one know why .htaccess prevents write access from webdav ?

Thanks

--
জয়দীপ বক্সী


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: .htaccess restricts write permission from webdav

J. Bakshi wrote:
>
> windows client simply throws error as permission denied.
>
....
>
> Does any one know why .htaccess prevents write access from webdav ?
>
Hi.
I am not saying that this /is/ your problem, but you should be aware of
the fact that all DAV client implementations in Windows are notoriously
buggy and unreliable.
Search Google for this : windows +dav +miniredirector
to get an idea of the dimension of the problem.

We use "web folders" heavily in our own applications. We have learned
by experience that, depending on the version of Windows, the patches
applied, whether or not there is MS-Office installed, etc.. the
behaviour of the webfolders <-> Apache DAV dialog is quite variable.
All in all, this is quite frustrating, and can be very time-consuming to
track down precisely.
Since you can probably never insure that all client workstations have
exactly the same versions, basically these different behaviours will
always hit you.
To avoid this kind of trouble, try to keep the interface as basic as
possible.
If a .htaccess does not work, try for example to set up the same access
rules outside of a .htaccess file, e.g. in your server config inside of
a section.

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: .htaccess restricts write permission from webdav

On 3 Dec 2009, at 05:36, J. Bakshi wrote:

> Hello list,
>
> I am facing a strange problem with webdav caused by .htaccess !!!

Don't. DAV configuration isn't just a map of URL-space to
native-filesystem-space, which is why you need to configure
it in URL-space. Anything in filesystem-space is sure to
produce counterintuitive results.

--
Nick Kew

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: .htaccess restricts write permission from webdav

On 2-Dec-2009, at 22:36, J. Bakshi wrote:
> RewriteEngine On
> RewriteRule ^typo3$ - [L]
> RewriteRule ^typo3/.*$ - [L]


I just went through this with wordpress. You have to exempt webdav from =
all the rewrites.

On 25-Nov-2009, at 11:15, LuKreme wrote:
> I modified the htaccess file hoping I could eliminate the webdav =
issue. My webdav mount is webdav.example.com, so I did this:
>=20
>
> RewriteEngine On
> RewriteBase /
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteCond %{HTTP_HOST} !^webdav
> RewriteRule . /index.php [L]
> RewriteRule ^u/([0-9]+)$ =
wp-content/plugins/short-url-plugin/u.php?$1|$2
>
>=20
> That has fixed the problem and it is now possible to access the entire =
web space via wedbav.

the RewriteCond ${HTTP_HOST} is the line that did it. If your webdav is

http://www.example.com/webdav then something like

RewriteCond %{REQUEST_URI} !^webdav

should work

--=20
"I program Windows - of course it isn't safe." - Meski


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Re: .htaccess restricts write permission from webdav

LuKreme wrote:
> On 2-Dec-2009, at 22:36, J. Bakshi wrote:
>
>> RewriteEngine On
>> RewriteRule ^typo3$ - [L]
>> RewriteRule ^typo3/.*$ - [L]
>>
>
>
> I just went through this with wordpress. You have to exempt webdav from all the rewrites.
>
> On 25-Nov-2009, at 11:15, LuKreme wrote:
>
>> I modified the htaccess file hoping I could eliminate the webdav issue. My webdav mount is webdav.example.com, so I did this:
>>
>>
>> RewriteEngine On
>> RewriteBase /
>> RewriteCond %{REQUEST_FILENAME} !-f
>> RewriteCond %{REQUEST_FILENAME} !-d
>> RewriteCond %{HTTP_HOST} !^webdav
>> RewriteRule . /index.php [L]
>> RewriteRule ^u/([0-9]+)$ wp-content/plugins/short-url-plugin/u.php?$1|$2
>>
>>
>> That has fixed the problem and it is now possible to access the entire web space via wedbav.
>>
>
> the RewriteCond ${HTTP_HOST} is the line that did it. If your webdav is
>
> http://www.example.com/webdav then something like
>
> RewriteCond %{REQUEST_URI} !^webdav
>
> should work
>
>

Hello LuKreme,

Thanks for your response. I have also tried the wordpress technique at
first place but didn't get any success. I accessed webdav by
https://192.168.1.1/webdav/user1

I placed the rule in .htaccess

` ` `
RewriteCond %{REQUEST_URI} !^webdav
` ` `
before "RewriteRule .* index.php" but no luck :-(



--
জয়দীপ বক্সী


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: .htaccess restricts write permission from webdav

On Dec 3, 2009, at 20:13, "J. Bakshi" wrote:

> RewriteCond %{REQUEST_URI} !^webdav

That's wrong.

!^/webdav

The / is part of the uri

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Re: .htaccess restricts write permission from webdav

LuKreme wrote:
> On Dec 3, 2009, at 20:13, "J. Bakshi" wrote:
>
>> RewriteCond %{REQUEST_URI} !^webdav
>
> That's wrong.
>
> !^/webdav
>
> The / is part of the uri

Sorry for the mistake. I have corrected it but no luck :-( Here is my
complete .htacess once again

` ` `
Options +FollowSymLinks

RewriteEngine On
RewriteRule ^typo3$ - [L]
RewriteRule ^typo3/.*$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l

RewriteCond %{REQUEST_URI} !^/webdav
RewriteRule .* index.php
` ` `
and here is my apache configuration to access webdav

` ` `
## webdav access

Alias /webdav/user1 /var/personal_work_area/user1


DAV On
ForceType text/plain
SSLRequireSSL
AuthType Basic
AuthName "Personal work area"
AuthUserFile /home/svn/PASSWD
Require user user1


` ` `

--
জয়দীপ বক্সী


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: .htaccess restricts write permission from webdav

On 3-Dec-2009, at 22:22, J. Bakshi wrote:

> Options +FollowSymLinks
>=20
> RewriteEngine On
> RewriteRule ^typo3$ - [L]
> RewriteRule ^typo3/.*$ - [L]
>=20
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteCond %{REQUEST_FILENAME} !-l
>=20
> RewriteCond %{REQUEST_URI} !^/webdav
> RewriteRule .* index.php


Hmm. Could it be you have to exempt the webdav from ALL the rules, not =
just the REQUEST_FILENAME? I've got limited help to give, my =
configuration was different, so my condition was different.

Try commenting out the typo3 rules for now and see if that changes the =
behavior. Beyond that, your guess is as good as mine.

--=20
BUGS: There is no conversion specification for the phase of the
moon." strftime(3) man page


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Re: .htaccess restricts write permission from webdav

LuKreme wrote:
> On 3-Dec-2009, at 22:22, J. Bakshi wrote:
>
>
>> Options +FollowSymLinks
>>
>> RewriteEngine On
>> RewriteRule ^typo3$ - [L]
>> RewriteRule ^typo3/.*$ - [L]
>>
>> RewriteCond %{REQUEST_FILENAME} !-f
>> RewriteCond %{REQUEST_FILENAME} !-d
>> RewriteCond %{REQUEST_FILENAME} !-l
>>
>> RewriteCond %{REQUEST_URI} !^/webdav
>> RewriteRule .* index.php
>>
>
>
> Hmm. Could it be you have to exempt the webdav from ALL the rules, not just the REQUEST_FILENAME? I've got limited help to give, my configuration was different, so my condition was different.
>
> Try commenting out the typo3 rules for now and see if that changes the behavior. Beyond that, your guess is as good as mine.
>
>

LuKreme, you are a hero. Your assumption is working here. I have
omitted two lines

` ` `

RewriteRule ^typo3$ - [L]
RewriteRule ^typo3/.*$ - [L]
` ` `

and now webdav has no problem with create/delete operation :-) Though I have fond that creating a .htaccess or deleting it through webdav is not possible.

many many thanks



--
জয়দীপ বক্সী


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: .htaccess restricts write permission from webdav

On 6-Dec-2009, at 20:15, J. Bakshi wrote:
> Though I have fond that creating a .htaccess or deleting it through =
webdav is not possible.


Usually apache is setup to refuse to serve .ht* files for security =
reasons. If this is not the case, there's no reason the htaccess file =
should not be available via webdav.

The block usually looks something like this in httpd.conf:


Order allow,deny
Deny from all
Satisfy All


Now, exposing the innards of the .htaccess of especially .htpasswd files =
like this is certainly risky, so I wouldn't do it.

--=20
Oh, he's just like any other man, only more so.


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: .htaccess restricts write permission from webdav

On 6-Dec-2009, at 20:15, J. Bakshi wrote:
> RewriteRule ^typo3$ - [L]
> RewriteRule ^typo3/.*$ - [L]
> ` ` `
>=20
> and now webdav has no problem with create/delete operation


One other thing, if you duplicate the RewriteCond above these rules, =
they should work as well.

something like:

Options +FollowSymLinks

RewriteEngine On
RewriteCond %{REQUEST_URI} !^/webdav
RewriteRule ^typo3$ - [L]

RewriteCond %{REQUEST_URI} !^/webdav
RewriteRule ^typo3/.*$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteCond %{REQUEST_URI} !^/webdav
RewriteRule .* index.php

(as I understand it, RewriteCond ONLY apply to the next single =
RewriteRule. Perhaps there is a way to have a single condition apply to =
all rules and someone else will point it out)

--=20
An edge witch is one who makes her living on the edges, in that moment =
when boundary conditions apply - between life and death, light and dark, =
good and evil and, most dangerously of all, today and tomorrow. --The =
Thief of Time


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Re: .htaccess restricts write permission from webdav

LuKreme wrote:
> On 6-Dec-2009, at 20:15, J. Bakshi wrote:
>
>> RewriteRule ^typo3$ - [L]
>> RewriteRule ^typo3/.*$ - [L]
>> ` ` `
>>
>> and now webdav has no problem with create/delete operation
>>
>
>
> One other thing, if you duplicate the RewriteCond above these rules, they should work as well.
>
> something like:
>
> Options +FollowSymLinks
>
> RewriteEngine On
> RewriteCond %{REQUEST_URI} !^/webdav
> RewriteRule ^typo3$ - [L]
>
> RewriteCond %{REQUEST_URI} !^/webdav
> RewriteRule ^typo3/.*$ - [L]
>
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteCond %{REQUEST_FILENAME} !-l
> RewriteCond %{REQUEST_URI} !^/webdav
> RewriteRule .* index.php
>
> (as I understand it, RewriteCond ONLY apply to the next single RewriteRule. Perhaps there is a way to have a single condition apply to all rules and someone else will point it out)
>
>

Hello LuKreme,

thanks once again for the configuration :-) I'll definitely give it a
try. Thanks for the clarification.
wish you a great day.


--
জয়দীপ বক্সী


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org