Centos – WebDAV on CentOS – getting 403 error when attempt to upload

apache-2.2centoswebdav

I configured Apache2 to allow WebDav on a directory (CentOS 5 / Plesk 8.6):

  • WebDav is enabled in httpd.conf
  • /var/lib/dav/lockdb is writeable by Apache
  • My target dir is chmod 777
  • My target dir is chowned apache:psacln
  • using Basic Authentication (setup by Plesk interface)

in my vhost.conf I have:

<Directory /var/www/vhosts/domain.com/httpdocs/target_dir>
        Dav On
    AllowOverride none
        Order allow,deny
        Allow from all
</Directory>

I can connect to the directory using authentication fine and download files from it. But I cannot write to the dir. I get a 403 Error when I attempt to upload or create a dir.

Anyone have any tips?

Thanks in advance –

Update – 6/5 Using the comments below I've isolated the issue to being some type of conflict with .htpasswd protected directories. I can created an unprotected dir and enable WebDAV uploads fine. But once I enable Basic Auth on the directory everything goes south. I can read but no longer upload.

This is my vhost.conf:

<Directory /var/www/vhosts/domain.com/subdomains/subdomain/httpdocs/>
        AuthUserFile /var/www/.htpasswd
        AuthName "Login"
        AuthType Basic
        Require valid-user

        DAV on
    AllowOverride none
        <Limit PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
                Require valid-user
        </Limit>
</Directory>

Update 6/6

Was able to get WebDAV working on a different domain with minimal effort. The only difference between the two domains is that in the one which refuses to allow write access I have a DocumentRoot directive:

    DocumentRoot /var/www/vhosts/domain.com/httpdocs/app/webroot

Might this be causing some problems?

Best Answer

I recently struggled with the same problem on my Fedora 10 system. In my case the culprit was some odd redirection that I was doing in Apache. Specifically, I use a content management system (Drupal, to be exact) that within it's .htaccess includes the following redirection logic to redirect missing files to a PHP script:

# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]

It makes sense that the above only affects the PUT method since in that case REQUEST_FILENAME does not exist.

Not having the WebDAV area inside of the Drupal area, which seems like a reasonable constraint, fixes the problem.

Also, I think it is likely that SELinux would result in a different error, but it's not mentioned in the discussion above. Did you try disabling SELinux?

Related Topic