webDAV security question

I’m experimenting with webDAV as a file sharing tool for off-site access. I’ve read several articles explaining the holes in the different levels of webDAV authentification from basic authentification to SSL Encryption. The problem is that I am not a network administrator by trade, so I’m a little confused.

I’m assuming that DH is enabling webDAV with basic authentification since I didn’t have to do much configuration on my XP client machine (I did have to add a perameter to my registry to get it to autenticate properly). If this is the case, can SSL Encryption be added to the webDAV host for a little added security? I read that Apache offers Apache-SSL but perhaps that already part of your setup. If so, how do I use it with my client machines?



Some people golf. I make movies.

As far as I know if you set up SSL service on your hosting (Domains > Manage Domains > look at the Secure Hosting column), you can use WebDAV clients that support SSL to connect to your WebDAV share using an SSL-secured connection. Your Basic Authentication setup as well as your file contents would be encrypted.

also check for info on the wiki:

How exactly do you get WebDAV to work with XP?



There is a guide to setting up WebDav with Windows XP on the Dreamhost wiki, as well as more general information on WebDav.

Make sure you take note of the potential problem with using WebDav with Windows XP SP2 section of the first article linked above. Good Luck!