Contents [] • • • • • • • • • • • • • • For some reasons, I need to access some of my home server files from outside when I am on the move. That access can be done from various places: • some friends or relatives ADSL boxes, • a public Wifi access • my 3G connection with unlimited data plan. Some of these accesses can be very restrictive, allowing only web access (port 80 and 443 only) and some can also even check your user agent (my 3G data plan). So to be sure to be able to access my files from anywhere & anytime, I decided to setup a secured WebDav share. This share will be accessed by using the HTTPS protocol on port 443. As a matter of fact, it should be allowed with no restriction by any access type. This article will explain how to setup such WebDav share on an existing Apache2 server.

It will also explain how to setup a Windows and a Ubuntu client to be able to use that access. This setup has been done on Debian Squeeze, but it should be compatible with any following version. The following guide suppose that you are connected as root. If not, you should start all the console commands with sudo. 1. Server setup 1.1. Create the SSL certificate & key The first step is to create the SSL certificate and SSL key needed by your Apache server. These will be used to secure the transmission. The SSL certificate will have a.crt extension and the SSL key a.key extension.

To create these to files, you first need to create your local authority file by shooting these commands: mkdir /tmp/ssl_conf cd /tmp/ssl_conf openssl req -config /etc/ssl/openssl.cnf -new -out server.csr You will be prompted for a passphrase. Then you need to answer few questions about your server. It is very important that you define the Common Name (CN) with your server public URL ( yourserver.dyndns.org).

As your Webdav share will be accessible from Internet, the CN should be set with your public IP address or better, with your public DNS name (DynDNS for example). If you don't do so, your site URL and your generated certificate won't match. Then, you have to create the certificate and the key file with these commands: openssl rsa -in privkey.pem -out server.key openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650 openssl x509 -in server.crt -out server.der.crt -outform DER Your certificate will be valid 3650 days (10 years). Last step is to copy these 2 files in the Apache configuration folder: cp server.crt /etc/apache2/ cp server.key /etc/apache2/ 1.2. Create your WebDav folder & password file I suppose that your Apache web root is the standart /var/www. We will create the WebDav root in /var/www/webdav and make the Apache user (www-data) the owner of that directory.

All your files accessible will be located under that WebDav root. Mkdir -p /var/www/webdav chown www-data /var/www/webdav Next we will create the WebDAV password file for a test user. For security reasons, the file should not be accessible from the webdav shared directory. So we will create it in the home directory of the www-data user. Htpasswd -c /home/www-data/passwd.dav test You will be asked to type in a password for the user test. The -c switch creates the file as it does not exist. Then, change the permissions of your new password file so that only root and the members of the www-data group can access it: chown root:www-data /home/www-data/passwd.dav chmod 640 /home/www-data/passwd.dav 1.3. Setup the Apache SSL host Afterwards, we need to enable the WebDAV and SSL modules in Apache: a2enmod dav_fs a2enmod dav a2enmod ssl You will be noticed if they were already enabled.

Free Download Aimsun Scripting Manual Programs For Mac. We now need to declare a new SSL virtual host in your Apache configuration. If you already have a vhost for which you'd like to enable WebDAV, you must adjust this tutorial to your situation.

Image: Jack Wallen Web Distributed Authoring and Versioning (WebDAV) is an extension of HTTP that enables clients to perform remote web content authoring. After WebDAV is added to an HTTP server, users can upload, download, edit, and manage files, thanks to a special readable/writable location on a web server. It's an incredibly handy means of enabling basic collaboration, without having to spend the extra cash or time setting up a specific system. If you have a Ubuntu server running Apache2, you're already close to having WebDAV. More about Networking • • • • Out of the box, Apache2 does not have WebDAV enabled, but it's an easy task to manage.

Lyberty.com's weekly/monthly splash page. (Yes, a splash page is old fashioned, but it's been a tradition here since 1999.). 웹 해킹 - 웹 페이지 관련 구성 파일 이름목록 웹 해킹 / Security_Study.

Let's walk through the process of adding this feature to your system. I assume you have Apache2 running on your Ubuntu server.

For this setup, I'll be installing on a Ubuntu 16.04 server with a previously installed LAMP stack. SEE: Enabling modules The first thing you must do is enable the necessary modules. Applied Linear Statistical Models Michael H Kutner Pdf Printer there. Open a terminal window and issue the following commands: • sudo a2enmod dav • sudo a2enmod dav_fs Restart the Apache server with this command. Sudo mkdir -p /var/www/webdav Now we'll change the owner of that directory to www-data with this command: sudo chown www-data /var/www/webdav The next step is to create a.conf file that will help make Apache2 aware of the virtual host.

For this, we'll create a new.conf file called /etc/apache2/sites-available/webdav.conf. The contents of this file will be: NameVirtualHost * ServerAdmin webmaster@domain DocumentRoot /var/www/webdav/ Options Indexes MultiViews AllowOverride None Order allow,deny allow from all Alias /webdav /var/www/webdav DAV On AuthType Basic AuthName 'webdav' AuthUserFile /var/www/webdav/passwd.dav Require valid-user Where webmaster@domain is the actual email address of the webmaster for your site. Save and close that file. Now we copy the webdav.conf file from sites-available to sites-enabled with this command: sudo a2ensite webdav.conf Before restarting Apache2, we need to create the WebDAV password file with this command ( USER is a valid username on your system): sudo htpasswd -c /var/www/webdav/passwd.dav USER When prompted enter the password for USER.

Next we must change the permissions of the newly created passwd.dav file so that only root and members of the www-data group have access to it. You'll do so with the following commands: • sudo chown root:www-data /var/www/webdav/passwd.dav • sudo chmod 640 /var/www/webdav/passwd.dav Restart Apache2 with this command: sudo service apache2 restart The WebDAV system is ready to test. SEE: (Tech Pro Research) Testing your setup There's an easy to use tool for testing WebDAV—install the tool with this command: sudo apt-get install cadaver Once installed, issue this command ( IP_OF_SERVER is the actual IP address of your server): cadaver You should be prompted for a username/password. Enter the USER used when setting up WebDAV and the associated password. If the cadaver command succeeds, you'll land at the the dav:/webdav/>prompt. Congratulations, WebDAV is working on your Ubuntu server. You can now use whatever tool you need (connect via file managers, web browsers, etc.) to connect to your WebDAV server.

Quick and cheap collaboration With WebDAV and Apache2, you'd be hard-pressed to find a more reliable, cost-effective collaboration tool.