Safety/security concerns with WebDav: WebDav is conceptually a shared network folder (so much so you can mount them with a drive letter on Windows) that is provided over HTTP. This means anyone who can access the webdav url can read, write, and delete to all the files available there. This includes making new directories.
To protect it, one typically uses HTTP Basic (or Digest) Authentication (part of the web server set-up). With basic authentication that means the password (and user name) are going across the network (including Internet when doing so remotely) encrypted and anyone who sees the traffic can read the login credentials. Using digest authentication reduces this risk as the password is no longer sent across the network.

Usually it is recommended that you use HTTPS for webdav and not allow HTTP (unencrypted) connections. However, SSL/TLS has a lot of insecure configurations, so you need to know what you are doing (and what encryption protocols to allow).

Also, all the files that are stored on your hard drive for use with webdav need to be owned by the system user that the web server is running as. This makes it easy for a hacker who manages to breach your web server to mess with those files (website defacement happens because of this sort of thing).

Of course, several cloud providers do feel that they can sufficiently secure webdav and offer it as part of their service. box.com offers webdav access. Under the covers MS SharePoint (and therefore OneDrive) use webdav. My home system has webdav exposed to the Internet (https only, basic authentication). My Wiki.suntrap.ca site also has webdav enabled.

If you are setting this up on your home PC for access from the Internet (with port forwarding), I strongly suggest setting it up with SSL/TLS and using digest authentication. Also, set up a system account (not your user account and not the windows "system" account) specifically to run the webdav server. Also, keep an eye on the space that is being used on your hard drive by that account (a hacker who manages to get access may try to adjust it to set up a "warez server").

The above was all the scary stuff, here are some of the advantages:

If you are running Windows or Apple OS X, you can mount a webdav like a network drive and save any files there you want (not just tiddlywiki).
If you know how to configure your web server, you can set up public directories that don't require authentication to read but do require authentication to write files. You can also set up private directories that require authentication for all access to files (in theory you could set up a blind drop where people can send you files without authenticating but not read them, although this is probably a bad idea).

You can pretty easily create multiple accounts so people can share files. It's a bit more complicated to give per-person private directories.

If you are extremely paranoid, you can set up SSL/TLS client authentication which would require the browser to have a specific certificate (similar to the way the server needs one for HTTPS).

You could set up your own carddav (address book) or caldav (calendar) server.

On Wednesday, August 30, 2017 at 2:52:07 PM UTC-4, Mark S. wrote:
>
> What would the performance and safety concerns be for running IIS/WebDav
> on a semi-permanent basis? If you forward the ports (and know your IP) can
> you access your files outside of the home?
>
> Mark
>
> On Wednesday, August 30, 2017 at 10:51:04 AM UTC-7, PMario wrote:
>>
>> Hi folks,
>>
>> I just did a proof of concept using IIS with WebDAV on windows 10 pro. ..
>> It seems to work out of the box, with IE-11, Edge, FF55 and FF57-nightly.
>>
>> I will record a short video, so everyone interested, should be able to
>> get it going. ... There is a little issue, with the TW default saver, but
>> it should be straightforward to fix it.
>>
>> have fun!
>> mario
>>
>

