Setting up secure WebDav on IIS 6

10/08/2011 12:56

This artical goes through the steps required when setting up https webdav to allow read/write/list contents on server with multiple sites using host headers. There are lots of guides out there but none of them seem to get to the point without lots of waffle.

 

Steps

 

1. Right click on the folder you want to share in Explorer

2. Select Sharing and Security

3. Click Web Sharing tab

4. Set the 'Share On' value to Default website

5. Select 'Share this folder' radio button

6. Set an alias

7. Tick read, write, Directory browsing then click OK

8. Click apply, then OK

What just happened?

You just setup a virtual directory under the default website that has the name of the alias set in step 6 above. If you open a browser and go to http://website.com/[alias] you should be able to see the folder contents (assuming there is something in it)

 

You can setup a network drive to this location but remember to always use the FQDN for the connection, not the Ip address as this will not work in Windows 7 (and possibly not Vista)

 

There are two problems with this:

1. The virtual directory is only available under the Default website domain, not the domain the directory actually sits under. If you are using host headers and have multiple domains on your box then this could be confusing or just undesirable for end users

2. The directory is public and anyone in the world can access the contents

To setup secure access to the folder you need to enable SSL and remove the anonymous user rights from the virtual directory (not the file system directory as this will stop the website working!)

 

1. Go to the IIS properties for the Default website

2. Click on Directory Security Tab, and look for the Secure Communications section at the bottom

3. Make sure the Default website has a SSL certificate installed

4. Click on the Edit button and tick the box saying, 'Require secure channel (SSL)', then OK

If you wanted to host the webdav directory under another site (not the Default) then you require a wildcard SSL cert for the server

 

 

 

 

 

 

Search site

Contact

Alexander Roberts