Friday, January 14, 2011

WebDAV "PROPFIND" exception in IIS due to network share?

Hi all,

We're finding continuous exceptions in our event viewer on our live box to the following exception:

[snippet]

Process information:

Process ID: 3916

Process name: w3wp.exe

Account name: NT AUTHORITY\NETWORK SERVICE

Exception information:

Exception type: HttpException

Exception message: Path 'PROPFIND' is forbidden.

Thread information:

Thread ID: 14

Thread account name: OURDOMAIN\Account

Is impersonating: True

Stack trace:

at System.Web.HttpMethodNotAllowedHandler.ProcessRequest(HttpContext context)

at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()

at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Other Specs: Windows Server 2003 R2 & IIS 6.0

We've narrowed it down to occuring when people try to access shares on the box from within the network, and have discovered (we think) that its due to the WebDAV web services extension being previously disabled by past staff. The exceptions are being thrown when trying to access directories that are virtual dirs in IIS, and plain old UNC network shares

What the implications for enabling the WebDAV extensions on our live web server?

And will this solve our problems with the exceptions in our event log?

  • In answer to your questions, If you enable WebDav, it will stop these messages because there would no longer be any forbidden errors.

    That being said, if no one is doing anything that would require or rely on a WebDav connection, I would no enable it as there is no reason to be using it and you could possibly be opening yourself up to attack (especially as there was a recent WebDav related security vulnerability).

    In addition -

    Do you have anyone using Dreamweaver? I get this all the time on my network, I have disabled all WebDav and told it just to use network share, but for some reason, why it is open for over 30 minutes, then I minimise it for any more than 2 minutes, it always freezes for about 30 seconds. I had no idea why it was doing this but then I opened performance monitor on my server and saw that it was doing constant connections over WebDav.

    I have posted this on the Adobe forums but they deleted it!

    From Wil
  • Yes I understand this, but we're only accessing shares via UNC paths (although they are across domains). Why would accessing a plain network share (even though it sits inside inetpub) automatically default to using WebDAV as the folder viewing mechanism?

    IE. The address is of the form "//machinename/sharename", which translates to a folder inside our inetpub directory...

    squillman : Instead of posting another answer you should use comments in response to other answers, or edit the original question with responses.
    From jacko

0 comments:

Post a Comment