From zFTPServer Wiki
Jump to: navigation, search

2016-09-16 - Added support for encrypted WebDAV

Now you can use zFTPServer as your WebDAV server on a secure way.

2016-05-12 - Improved stability and performance

Improved stability and performance according to HTTP(S) with minor beautifications.

2016-03-18 - Mobile friendly HTTP(S) GUI for clients

With mobile friendly HTTP(s) GUI you can easily use zFTPServer on tablets and phones for easy file distribution from your local cloud.

Support for specifying SFTP KEX algorithms and by default now using more secure algorithms, zFTPServer increase the security. KEX Algorithms

2016-01-19 - zFTPServer is updated with support for drag-n-drop and disabling HELP/FEAT

The HTTP(s) web client now has better support for drag-n-drop, you can now drag-n-drop multiple files and individual overwrite prompts are being used.

zFTPServer can now be configured to disallow the use of the HELP and FEAT commmands for unathenticated users over FTP(S)

2015-05-22 - zFTPServer keep up the fight for security

Recently researchers announced a new SSL/TLS vulnerability called the FREAK attack. Basically this allow attacker to intercept HTTPS connections between server and clients and force them to use weak encryption.

zFTPServer have know removed RSA-RC4-MD5-EXPORT from the default list to handle this FREAK vulnerability.

Protect my system against a FREAK attack

2015-03-05 - Invite external users to collaborate in particular projects or information sharing

Missed out important details, time demanding meetings and general administration are three common challenges in a project. In this version we release a brand new feature which enables you to create the best conditions possible by using collaborating work areas through zFTPServer together with your colleagues, customers and students. Even though the function seems equivalent to the so far more well-known Dropbox, Collaborate does what Dropbox does, but without using dropbox. This is of course a much more secure and therefore better way of communicating with files between multiple computers since it can assure that no other people/computers but the authenticated users gain access to the information. More information on how to configure zFTPServer to gain access to Collaborate

2015-03-05 - zFTPServer - Information Security you Can Rely On

Internet is an efficient medium for managing and sharing information. Recent events in the world have however put information security in the front room. As it turns out cloak and dagger organizations, are, actually stealing- and monitoring information. Companies and organisations that transfer patent documents, blueprints, research and reports need to guarantee both integrity and make sure eavesdropping becomes impossible. While at the same time ensuring information security and secrecy the flow of information must still be easy to manage and readily accessible, zFTPServer lets you take control of your secure information flow.

zFTPServer from Västgöta-Data AB has always focused on information security and is now taking it even further. zFTPServer can now offer full support to individually configure to enable/disable different features and a protocol made accordingly to the “best practice”-scheme from Qualys SSL Labs. zFTPServer now achieves a perfect score at Qualys SSL Labs’ official test. We can therefore proudly present that zFTPServers test rating is A+ with the maximum score in Certificate, Protocol support, Key exchange och Cipher strength. More information on how to configure zFTPServer in order to gain full rating can be found here.

2014-04-09 - zFTPServer NOT affected by Heartbleed

zFTPServer is NOT affected by the Heartbleed (overflow) bug due to the fact that we use another TLS implementation. Thus encryption for file access using FTPS and FTP over HTTPS in zFTPServer is unaffected.

However if you use the same login and password for both zFTPServer as well as for other web services or online accounts that may have been the target of Heartbleed: As a precaution we recommend changing passwords. Always use strong passwords, change them regularly and do use different passwords for different services.

Security issues are considered with utmost respect from our perspective, as well as from the developer and ethical hacker communities in general all striving for improved security, and a sense of exploration. Upon discovery of any bugs or security issues, directly or consequentially, affecting zFTPServer please contact us promptly.