DAVLogs 1.0 - More features coming soon

Status
Not open for further replies.
J

Jonty

Active Member
Aug 7, 2010
194
65
PHP: 
<?php

$ip = $_SERVER['REMOTE_ADDR'];
$logsfolder = "dav-logs";
$num = rand();

echo "<center><b>WebDAV testpage</center>";
file_put_contents($logsfolder."/".$ip."-".$num.".log", "WebDAV Access Log
-------------
The following IP address has tried to access WebDAV for possible harmful activity:
".$ip."
--------------");

What the PHP above does is log each time someone tries to access your webDAV directory.

In order for this to work you're going to need to edit 2 files. .htaccess & httpd-dav.conf

in C:\xampp\apache\conf\extra\httpd-dav.conf, replace the entire file with this code:

Code: 
#
# Distributed authoring and versioning (WebDAV)
#
# Required modules: mod_dav, mod_dav_fs, mod_setenvif, mod_alias
#                   mod_auth_digest, mod_authn_file
#

<IfModule dav_module>
<IfModule dav_fs_module>
<IfModule setenvif_module>
<IfModule alias_module>
<IfModule auth_digest_module>
<IfModule authn_file_module>

# The following example gives DAV write access to a directory called
# "uploads" under the ServerRoot directory.
#
# The User/Group specified in httpd.conf needs to have write permissions
# on the directory where the DavLockDB is placed and on any directory where
# "Dav On" is specified.

DavLockDB "C:/xampp/apache/logs/Dav.Lock"

Alias /lolcats "C:/xampp/lolcats/"

<Directory "C:/xampp/lolcats">
    Dav Off

    Order Allow,Deny
    Allow from all

    AuthType Digest
    AuthName "XAMPP with WebDAV"

    # You can use the htdigest program to create the password database:
    #   htdigest.exe -c "C:\xampp\security\webdav.htpasswd" "XAMPP with WebDAV" wampp
    AuthUserFile "C:/xampp/security/webdav.htpasswd"
    AuthDigestProvider file

    # Allow universal read-access, but writes are restricted
    # to the admin user.
    <LimitExcept GET OPTIONS>
        require valid-user
    </LimitExcept>
</Directory>

#
# The following directives disable redirects on non-GET requests for
# a directory that does not include the trailing slash.  This fixes a 
# problem with several clients that do not appropriately handle 
# redirects for folders with DAV methods.
#
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On

</IfModule>
</IfModule>
</IfModule>
</IfModule>
</IfModule>
</IfModule>

Now navigate to your CMS directory, and create a file called webdav.php and put the php code provided (top of thread) in that and save it.

Now go into your .htaccess, and add this

Code: 
RewriteRule ^webdav(|/)$ /webdav.php

and you're done.


PLANNED FOR NEXT VERSION:
- Alert in UberCMS housekeeping, via mysql.
- Ban user via hotel
- Ban user via .htaccess
- some easter eggs ;D
 
Status
Not open for further replies.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
☀️  Switch to Light Theme

Latest posts

Top