diff --git a/server/conf/vhost.conf.master b/server/conf/vhost.conf.master index fdea684eaa4b854df01778b069108ccee434478a..cab89e6eef02c0077570353b9a321e35f17fdee5 100644 --- a/server/conf/vhost.conf.master +++ b/server/conf/vhost.conf.master @@ -482,23 +482,20 @@ AssignUserId - - # Do not execute PHP files in webdav directory - - - SecRuleRemoveById 960015 - SecRuleRemoveById 960032 - - - SetHandler None - - - DavLockDB {tmpl_var name='document_root'}/tmp/DavLock - # DO NOT REMOVE THE COMMENTS! - # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE! - # WEBDAV BEGIN - # WEBDAV END + + + + SecRuleRemoveById 960015 + SecRuleRemoveById 960032 + DirectoryIndex disabled + SetHandler None + + DavLockDB {tmpl_var name='document_root'}/tmp/DavLock + # needed by apache2_plugin.inc.php + # WEBDAV BEGIN + # WEBDAV END + diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php index c4059e42c4ff49ad31495411a5ce9cc05691b28a..22d33953f15f44ee3fd9a2a780b786674828b261 100644 --- a/server/plugins-available/apache2_plugin.inc.php +++ b/server/plugins-available/apache2_plugin.inc.php @@ -2878,76 +2878,49 @@ class apache2_plugin { $in = fopen($fileName, 'r'); $output = ''; $inWebdavSection = false; - - /* - * read line by line and search for the username and authname - */ + //* read line by line and search for the username and authname while ($line = fgets($in)) { - /* - * is the "replace-comment" found... - */ + //* is the "replace-comment" found... if (trim($line) == '# WEBDAV BEGIN') { - /* - * The begin of the webdav - section is found, so ignore all lines til the end is found - */ + //* The begin of the webdav - section is found, so ignore all lines til the end is found $inWebdavSection = true; - - $output .= " # WEBDAV BEGIN\n"; - - /* - * add all the webdav-dirs to the webdav-section - */ + $output .= "# WEBDAV BEGIN\n"; + //* add all the webdav-dirs to the webdav-section $files = @scandir($webdavRoot); if(is_array($files)) { foreach($files as $file) { if (substr($file, strlen($file) - strlen('.htdigest')) == '.htdigest' && preg_match("/^[a-zA-Z0-9\-_\.]*$/", $file)) { - /* - * found a htdigest - file, so add it to webdav - */ + //* found a htdigest - file, so add it to webdav $fn = substr($file, 0, strlen($file) - strlen('.htdigest')); - $output .= "\n"; - // $output .= " Alias /" . $fn . ' ' . $webdavRoot . '/' . $fn . "\n"; - // $output .= " \n"; - $output .= " Alias /webdav/" . $fn . ' ' . $webdavRoot . '/' . $fn . "\n"; - $output .= " \n"; - $output .= " DAV On\n"; - $output .= ' BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On'."\n"; - $output .= " AuthType Digest\n"; - $output .= " AuthName \"" . $fn . "\"\n"; - $output .= " AuthUserFile " . $webdavRoot . '/' . $file . "\n"; - $output .= " Require valid-user \n"; - $output .= " Options +Indexes \n"; - $output .= " Order allow,deny \n"; - $output .= " Allow from all \n"; - $output .= " \n"; + $output .= "Alias /webdav/$fn $webdavRoot/$fn\n"; + $output .= "\n"; + $output .= "Dav On\n"; + $output .= "BrowserMatch MSIE AuthDigestEnableQueryStringHack=On\n"; + $output .= "AuthType Digest\n"; + $output .= "AuthName \"$fn\"\n"; + $output .= "AuthUserFile $webdavRoot/$file\n"; + $output .= "Require valid-user\n"; + $output .= "Options +Indexes\n"; + if($app->system->getapacheversion()<=2.2) + $output .= "Order allow,deny\nAllow from all\n"; + $output .= "\n"; } } } } - /* - * is the "replace-comment-end" found... - */ + //* is the "replace-comment-end" found... if (trim($line) == '# WEBDAV END') { - /* - * The end of the webdav - section is found, so stop ignoring - */ + //* The end of the webdav - section is found, so stop ignoring $inWebdavSection = false; } - - /* - * Write the line to the output, if it is not in the section - */ + //* Write the line to the output, if it is not in the section if (!$inWebdavSection) { $output .= $line; } } fclose($in); - - /* - * Now lets write the new file - */ + //* Now lets write the new file $app->system->file_put_contents($fileName, $output); - } //* Update the awstats configuration file