How can we help?

Quick Login

WebDav and a Hosted Site

Use WebDav to connect to a server, set up the file structure, and control access. Links included for WebDav clients.

This article applies to: Managed Servers

WebDav is a method to transfer files to a server. It allows you to log onto the server in an area that contains your web content. When you request a new hosted site, you'll receive an email with information about the server, including the WebDav address.

Connect to the Server

Two common methods for connecting to a server using WebDav are through a WebDav client (preferred) or by mounting a drive (less secure).

WebDav Client Method (Preferred): A WebDav client is a program that allows you to connect to a remote server. You can choose to always connect when you turn on your computer (reduces the boot speed for the computer) or to connect just when you need to use the server. When you connect to the server, the server appears as an additional drive. Tools such as Dreamweaver will indicate when you are connected. Some WebDav clients are free, some cost small sums of money.

See the list of WebDav clients below.

Mounting the Drive Method (Less Secure): You can mount the server as an external drive so that it shows up as an icon on your desktop. This is less preferred than using a WebDav client because it creates a security vulnerability. (Anyone who can use your machine can get to the server.) It is also more complicated to set up. The method for mounting drives differs with each operating system and even between versions of the same operating system.

Instructions for mounting a drive are in the help for your operating system.

Your Dav Address

The web services group assigns a WebDav address for you using a standard naming convention. This address is sent to you in an email message when your hosted site is set up. Your WebDav address may look like the following example:

https://<Service Name>-webdav.kproxy.cornell.edu/<maybe-something-here>

This address is the one you use to connect to your site to work with the files.

Here are the steps to use to WebDAV to your server without going through KProxy:

Obtain a WebDAV key from your server. Login using your NetID/Password at the following URL, and copy the entire long string the page displays:

https://webhostXXX.hosting.cornell.edu:8144/davlogin

Replace the XXX with the number of your server.
Your WebDAV connection URL that you will paste into your WebDAV client is:

https://webhostXXX.hosting.cornell.edu:8144/name-of-your-instance

Replace the XXX with the number of your server AND
Replace the name-of-your-instance in the link above with the real name

Use your NetID as a username, and the WebDAV key you obtained from step 1 as your password. This key will be valid for eight hours. After that, you will have to generate a new key and re-login.

You can alter the name-of-your-instance portion of the URL to access other instances on your server.

To access your static instance, please use the following URLs:

Obtain a DAV login key from this server:

https://webhost092.hosting.cornell.edu:8144/davlogin

This key will work for all instances you have in the static webhosting service, but again, only for eight hours.
Your static instance's WebDAV access url is:

https://webhost092.hosting.cornell.edu:8144/name-of-your-instance

You can alter the name-of-your-instance portion of the URL to access other instances.

Set Up the File Structure

For most servers, when you connect with WebDav, you'll see the htdocs folder, which is a standard part of sites provided by the web services group. The htdocs folder might include files that belong to the entire website. (For some older, legacy systems, you start in a shared area that many people can see. From there you navigate to your own folders. The idstatic.cit.cornell.edu server works this way.

The best practice for file structure is to place all sites at least one level down from your htdoc folder. For example, for two separate sites about apples and oranges you would create folders apples and oranges. For a site about different types of apple, you'd make subfolders under the apples folder.

WebDav folders follow the Windows or Unix rules for permissions, naming, etc. depending on the type of server they are on. (For a windows server, the folders follow Windows rules. For a Unix server, the folders follow Unix rules.

The image below shows a Windows machine connected via a WebDav client to a Unix ColdFusion server. Although this looks like a Windows system, the files are on a Unix server. They must obey all the Unix system rules for naming, permissions, etc.

Control Access/Assign Permissions (.wdaccess)

You can use .wdaccess files to control who has permission to view or change your files on the server. Put a .wdaccess file in the htdocs folder, and another one in any folder for which you want to maintain different permissions.

Warning: If you don't create a .wdaccess file, anyone can look at or change your files.

About .wdaccess Files

The "." is required to start the name.
Similar to .htaccess files, but sites need both. (.wdaccess controls who can make changes to the files on your site. .htaccess controls who can view pages on your site. )
The CU WebAuth utility uses the information in the .wdaccess file to enforce access to the folders.
Permissions are inherited by sub-folders, but can be overridden by another .wdaccess file.
Edit .wdaccess files using a plain text editor. Many clients have a .wdaccess editor to make it easier.
Note: Changes are immediately visible, so it is best to edit on the desktop then transfer the new file once you know it's correct.

.wdaccess Permissions Example

Following is an example of how a site might use .wdaccess files to control access to folders.

The .wdaccess file in htdocs has a permit that only has administrators in it. FolderA has no .wdaccess file. FolderB has a .wdaccess file that only allows developers. FolderC has a .wdaccess file that allows both developers and administrators.

An administrator can log into oursite-webdav.kproxy.cornell.edu.

Folder_A = Administrator can see and make changes in this folder. (No .wdaccess file means this folder inherits the permissions from the htdocs folder above.)
Folder_B = Administrator cannot open or make any changes. Administrator may be able to see this folder. (Depends on the WebDav client.)
Folder_C = Administrator can see and make changes in this folder.

A developer can log into oursite-webdav.kproxy.cornell.edu/Folder_B and oursite-webdav.kproxy.cornell.edu/Folder_C.

Folder_A = Developer cannot open or make any changes. Developer may be able to see this folder. (Depends on the WebDav client.)
Folder_B = Developer can see and make changes in this folder.
Folder_C = Developer can see and make changes in this folder.

Create a .wdaccess File

AuthName Cornell AuthType All AuthBasicAuthoritative off # # Use the following to restrict access # (w/o comments) use spaces not commas # when multiple entries are needed # #require valid-user #require netid #require permit

The last two lines are used to control permissions.

If you are not in the .wdaccess file as a netid or as a permit you will lose access to the file and will not be able to edit the .wdaccess file itself. You would be locked out.

Copy the sample file to a text editor.
Save the file with the name .wdaccess. (Use this exact name. Include the period at the beginning.)
In the Require Permit line, enter the names of the AD groups which have access to the folder, for example
require CIT.lamp.xyz
- Remove the # sign.
- Separate permits or NetIDs with a space.
- To make a new group on a hosted server, send request to webservices@cornell.edu.
- You can add NetIDs instead of using AD groups, but this is not recommended since it results in extra maintenance, especially for large numbers of people or multiple .wdaccess files.
Be sure that you are included in the AD group or that you add your own NetID. If not, you will not be able to access your own files.
Save the .wdaccess file, and then copy it to the folder on your site.

Links to WebDav Clients

Mac

Windows

More Information

Fairly Technical: http://httpd.apache.org/docs/2.0/mod/mod_dav.html
Cornell Library: http://erms.library.cornell.edu/search~S4/?searchtype=X&searchscope=4&SORT=A&searcharg=24x7
(Takes you to a link near the top Books.24x7.com that has a rich searchable resource of IT books. You will need to log in with your NetID and password.)

Managed Servers Articles

see all

Administrative Tasks

Create CNAME Without Owning the Target Domain

Manage domain names for a server in the server farm.

Firewall Rules on Linux Managed Servers

Firewall rules for managed Linux servers, best practices, and how to get assistance.

Firewall Rules on Windows Managed Servers

Firewall rules for managed windows servers, defaults, best practices, IP ranges, and how to get assistance.

Install Windows IIS

Installing IIS Note: This application is not installed by default on managed servers. You can install it yourself using the following instructions. If you need support or more information...

Manage a Group (Windows Server)

You can grant the same access and permission to many different users by adding user accounts to groups. Members of a group can make the same types of changes to settings and have the same access...

Patch Management: Unix

Patches are applied to managed Unix servers on a regular schedule.

Secure Windows Traffic with IPsec

Use IPsec to fulfill security requirements or enhance the security of your application. Add IP restrictions and TCP/UDP level encryption to applications which may not otherwise support it.

Start Up and Shut Down Scripts

Scripts provide a consistent method to start up and shut down services on Linux.

WebDav and a Hosted Site

Use WebDav to connect to a server, set up the file structure, and control access. Links included for WebDav clients.

Was this page helpful?

Your feedback helps improve the site.

Search Filters:

Knowledge Base Article

Quick Links and Search