By sylvaticus
While there are many tutorials around on how to add WebDAV on apache (using mod_dav) for a single user/folder (e.g. /var/www/webdav) I can’t find any tutorial that explains how to use mod_dav to allow per-user access to heir home folders.
This would require (a) local authentication (PAM), (b) rewrite requests to webdav://myuser@myserver/webdav to /home/myuser/, © set apache to access files as the authenticated user instead of www-data.
I use Ubuntu 22.04
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Heya,
To set up Apache with WebDAV to allow local users to access their home folders on Ubuntu 22.04, you need to configure:
- mod_dav and mod_dav_fs for WebDAV support.
- mod_authnz_pam for PAM-based authentication.
- mod_rewrite or mod_userdir to rewrite
/webdavto the corresponding home folder. - mod_proxy_fcgi with
fcgiwrapto allow Apache to run as the authenticated user. Install Required Packages
sudo apt update
sudo apt install apache2 libapache2-mod-authnz-pam libapache2-mod-dav webdav fcgiwrap
Enable necessary modules:
sudo a2enmod dav dav_fs dav_lock authnz_pam userdir proxy_fcgi rewrite
sudo systemctl restart apache2
Configure WebDAV Directory Create the WebDAV directory in each user’s home:
mkdir -p /home/$USER/webdav
chmod -R 755 /home/$USER/webdav
Ensure ownership is correct:
sudo chown -R $USER:$USER /home/$USER/webdav
Configure Apache Virtual Host
Edit or create a new Apache configuration file:
sudo nano /etc/apache2/sites-available/webdav.conf
Add the following:
<VirtualHost *:80>
ServerName yourserver.com
# Allow WebDAV
AliasMatch ^/webdav/([^/]+) /home/$1/webdav
<Directory /home/*/webdav>
DAV On
Options Indexes FollowSymLinks
AllowOverride None
# PAM authentication
AuthType Basic
AuthName "WebDAV Server"
AuthBasicProvider PAM
AuthPAMService apache
Require valid-user
# Ensure the authenticated user can access their own home folder
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule ^/webdav/(.*)$ /home/%1/webdav/$1 [L]
</IfModule>
</Directory>
# Run as the authenticated user
<IfModule mod_proxy_fcgi.c>
<Directory /usr/lib/cgi-bin>
Require all granted
</Directory>
ProxyPassMatch ^/cgi-bin/(.*)$ fcgi://localhost/usr/lib/cgi-bin/$1
</IfModule>
</VirtualHost>
then Enable the Site and Restart Apache:
sudo a2ensite webdav.conf
sudo systemctl restart apache2
Next is to Adjust PAM for Apache Authentication
Modify /etc/pam.d/apache2:
sudo nano /etc/pam.d/apache2
Add:
auth required pam_unix.so
account required pam_unix.so
session required pam_unix.so
This enables per-user WebDAV home directory access with PAM authentication while ensuring Apache serves files as the authenticated user. Let me know if you need further refinements! 🚀
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.