Article

  • 2 years

    9 months

    YetiShare / Core

    1343

WebDav Plugin Troubleshooting

Problem:

Using Apache/Ubuntu, files do not upload using the WebDav plugin. They show as 100% uploaded but don't actually appear within your account.

Fix:

sudo a2enmod dav
sudo a2enmod dav_fs
sudo service apache2 restart

Source: https://www.digitalocean.com/community/tutorials/how-to-configure-webdav-access-with-apache-on-ubuntu-12-04



CloudFlare HTTPS:

On certain WebDav clients the free CloudFlare HTTPS certificate doesn't validate WebDav wont work. You will need to either purchase an SSL certificate for your WebDav domain or use non-https via the plugin settings above.

In addition, if you're using external file servers on CloudFlare https, all servers will need Curl v7.36+ for ECC 256 bit SSL (minimum used by CloudFlare). You can install it on CentOS using the following command: (if this url is no longer available, check here for the latest)

rpm -Uvh http://www.city-fan.org/ftp/contrib/yum-repo/city-fan.org-release-1-12.rhel6.noarch.rpm
yum install libcurl


After, restart your webserver and PHP (if using php-fpm). Test by trying to connect to your site, like this:

curl -1IsS https://yourdomain.com


Plesk/WHM Users:

If you're using Plesk/WHM you may have issues connecting via a WebDav client. Plesk/WHM can mess with the authentication header so the script wont recognise the submitted username and password by default. To allow for this comment out the following lines within - \plugins\webdav\site\control\.htaccess

# uncomment on plesk if you're having login issues
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteRule (.*) index.php [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
</IfModule>


If you can't see this file ensure you've upgraded to the latest plugin code via your account.


ModSecurity:

WHM might be running ModSecurity which can block certain http methods that WebDav needs. This can be noticed when your WebDav client is authenticating fine but not listing any files. You may be seeing a "404 Not Found" error. To check for it:

1) Connect to your site using your WebDav client, such as CyberDuck.
2) Login to WHM and search for ModSecurity logs on the left.
3) Look for a recent error message similar to the following:

2016-05-06 10:40:19 yourdomain.com 212.126.20.12 CRITICAL 404 1234123435: Method is not allowed by policy
Request: PROPFIN /
Action Description: Access denied with code 501 (phase 2).
Justification: Match of "rx ^((?:(?:POS|GE)T|OPTIONS|HEAD))$" against "REQUEST_METHOD" required.

4) If this exists, ModSecurity is indeed blocking WebDav. To fix it amend the relating ModSecurity rule to allow PROPFIN methods, or completely disable the rule altogether. The rule will look similar to the following:

# allow request methods
SecRule REQUEST_METHOD "!^((?:(?:POS|GE)T|OPTIONS|HEAD))$" \
"phase:2,t:none,log,auditlog,status:501,msg:'Method is not allowed by policy', severity:'2',id:'1234123435',tag:'POLICY/METHOD_NOT_ALLOWED'"

5) Ensure you rebuild & restart ModSecurity after the rule changes.


Blocked WebDav Methods:

Your server may be blocking the http methods required by WebDav. Run a test on SSH for check it:

curl -v -X PROPFIND http://yourdomain.com

If you get:

405 Not Allowed

They are being blocked. Required methods DELETE|PROPFIND|PUT|GET|HEAD|POST|OPTIONS|REPORT


You Create Folders But Not Upload Files:

Run the same test as above via SSH:

curl -v -X PROPFIND http://yourdomain.com

If you get:

Hostname was NOT found in DNS cache

Your server can't upload to itself due to a domain resolution issue. Ideally you should fix the resolution issue, alternatively update your /etc/hosts file to point your host at the local IP:

nano /etc/hosts
127.0.0.1 localhost.localdomain localhost debian yourdomain.com