CompleteFTP revision history

Version Changes
Version 24.0.0
(29 June, 2024)
  • Add support for LDAP authentication.
  • Improved error handling and CPU utilization of the gateway. Both when downloading any file, and when the home folder is a gateway folder.
  • Fix directory traversal vulnerability in the File Manager.
  • Fix HTTP header vulnerability.
  • In the CompleteFTP manager app, go to top of users and folder lists when they are displayed.
  • Fix issue with installer failure if email notifications are saved in an old format. Happens if email notifications saved up until 21.1.0.
  • Fix random password generation in manager.
  • Fix IP filter bug re Allow All. If Allow All is enabled, and there�s an allow always rule for the same IP address, the allow always can get overwritten in the IPFilter code.
  • Fix issue where can't login with Domain user when setting the Default windows domain as 'mydomain' only.
  • Fix issue where AD user's group-specific log-in-as user's access control property is ignored (ach authenticator has a log-in-as user, but the AD authenticator allows this to be overridden by another log-in-as user that can be associated with an AD group).
  • Fix issue where promises in auto-generated proxies for JSS RPC aren't compatible with async/await.
Version 23.1.2
(15 May, 2024)
  • Fix issue with top level Amazon S3 Folder Accurate folder timestamps.
  • Add ability to create new sites without automatically adding users.
  • Support downloading of zip files bigger than 4 GB in the file manager folder download (support ZIP 64).
  • Make randomly generated passwords the same length as the minimum password length defined in the password policy.
  • Fix uneditable fields such as ClientPrivateKeyBytes in Gateway Connections.
  • Update Azure assemblies and related assemblies.
  • Update jQuery in file manager 2.
  • Fix issue with manager password being supplied on upgrade even if it was not set to be saved.
  • Fix an issue with SFTP request ids, which were overflowing with one particular client because they were ints instead of uints.
  • Update French translations in the file manager.
  • Disable SSL 3.0, which is redundant and insecure.
  • Fix JSON.parse failure when reading JSON files containing top-level arrays.
  • Fix JSS examples which weren't working properly.
  • CompleteFTP now requires .NET framework 4.7.2 or higher.
Version 23.1.1
(7 February, 2024)
  • Optional second layer of encryption of credentials during HTTPS logins has been added. Enable with the credentialEncryptionEnabled variable in customizations.jss.
  • FileManager language settings now correctly respect customizations.
  • Don't set Windows home directory permissions when saving new domain users.
  • User guide enhanced with images on reporting pages for better clarity and user experience.
  • Fixed a bug where the FileManager's search would include VFS subfolders regardless of search match.
  • Corrected the "No usage recorder found" error after restarting the activated Standard Edition.
  • New customization option added to hide username and password fields on the login form via the hideUserNamePassword variable in customizations.jss.
  • Removed nonsensical 'Grand Total' values for 'Most recent' field.
Version 23.1.0
(29 December, 2023)
  • Usage data storage and reporting (major new feature!).
  • Add support for ed25519 key types in SSH/SFTP.
  • Add connection info event property for use in triggers, that provides details of the protocol, ciphers etc.
  • Update Javascript editors to support new syntax.
  • Allow user to add code to validate changing folder in the FileManager.
  • Optionally allow showing context menu in FileManager by double-clicking.
  • Improve Portuguese translation in FileManager.
  • JSS API: make it easier to make configuration changes by adding system.changeConfig(callback).
  • Fix bug reading OpenSSH-formatted private key when loading a TLS certificate.
  • Fix bug re accurate timestamps flag for S3 subfolders.
  • Fix process trigger issue where a session becomes invalid if the user logs out while trigger is running.
Version 23.0.4
(13 September, 2023)
  • Add support for diffie-hellman-group-15-sha512 to diffie-hellman-group-18-sha512 in SSH key exchange.
  • Fix bug in Admin REST API: add group member fails.
  • Fix bug in IP filter code: if a Javascript filter throws an exception, the filter is disabled until the server is restarted!
  • Fix bug in process triggers that handle the LogIn on error event. If a client uses an invalid username, an exception is recorded in the log.
  • Fix User IP filtering issue with multiple sites in cases where there's a superfluous site left over from an Enterprise downgrade.
  • Fix TLS session memory leak.
Version 23.0.3
(9 August, 2023)
  • Improved performance, reliability and resource usage of JSS IP filters, and fixed bugs (1) filters stopped working after modification, (2) returning filter results as Javascript objects resulted in errors.
  • FileManager: add Download button in toolbar.
  • FileManager: make days before expiry configurable.
  • FileManager: Show message box if user doesn't have permission when opening or downloading a file or directory.
  • Fix bug with credentialed network connections.
  • Fix bug with phantom connections showing as <not logged in> persisting in CompleteFTP manager connection list.
Version 23.0.2
(30 June, 2023)
  • Update AWS assemblies to support IMDSv2.
  • Fix bug preventing all manual activation.
  • Fix bug in reading the new OpenSSH format for private keys that are not encrypted (i.e. no passphrase).
Version 23.0.1
(12 June, 2023)
  • Fix for Microsoft error "The requested security protocol is not supported", related to TLS 1.3 not being supported prior to .NET 4.8. The solution is to upgrade to .NET 4.8, or apply this version. NOTE: the minimum .NET framework required is still .NET 4.6.2 - it's just that 4.8 fixes this error. 23.0.2 only requires .NET 4.6.2.
  • In SFTP, if ssh-rsa is disabled, do not allow clients to connect with public key authentication using ssh-rsa. Previously, clients could ignore the server-sig-algs sent from the server to indicate what was available.
Version 23.0.0
(8 June, 2023)
  • Add support for TLS 1.3 for FTPS.
  • Updated Javascript interpreter to support most language features up to and including ECMAScript 2023.
  • Add user web-apps. Previously, users have not been able to add their own web-apps.
  • Add 'auto-create' checkbox to Active Domain authenticator dialog.
  • Improve activation process.
  • Allow a single email address to be used for multiple accounts.
  • Add support for UTF-8 paths and underscores for the REST API.
  • Fix bug in Download as ZIP - a customer had reported not all files were downloaded.
  • Installer now allows import of sdf files (the old config format) and db files (the new config format).
  • Requires .NET 4.6.2 or higher.
Version 22.2.3
(4 April, 2023)
  • Tighten security for built-in users.
  • Fixed bug in recently added switch-user functionality in HTTP/HTTPS.
Version 22.2.2
(21 February, 2023)
  • Fix SFTP issue where Windows paths were exposed in error messages returned to the client.
  • Fix bug where sites filter didn't work properly.
  • Fix SAML problem where importing metadata containing type attributes failed.
  • "Download as ZIP" in file manager now uses UTF-8.
Version 22.2.1
(12 January, 2023)
  • Enable JSS scripts to switch from one authenticated account to another.
  • Fix bug where FTPS data channels did not copy allowed algorithms from control channel.
  • Fix bug where Audit configuration form could not be opened.
  • Fix bug where installer would report an error while copying email notifications and process triggers during installation.
Version 22.2.0
(25 November, 2022)
  • Support for password expiration and password reset for non-Windows users. JSS authenticators can now define a setPassword function that will be called when the user requests a password change.
  • Strengthen default password policy for setting of new passwords, and ensure generated passwords comply.
  • Document use of two-factor authentication (2FA) for Microsoft Authenticator and others.
  • Add support for AWS instance name based Activation Keys.
  • Add the ability to get accurate timestamps from Amazon S3 folders. This must be enabled, as it can cause performance issues as timestamps must be fetched individually.
  • Add option to not update permissions in the Windows AD authenticator. Normally, CompleteFTP adds a permission giving the logged-in user full control over their home directory. This options prevents the permission being added.
  • Add extra features to the manager user list in the Users panel, including extra columns, filtering, search, grouping.
  • SMTP configuration settings moved to a more central location in Site/Settings of the manager.
  • Enable entry of language translations in the File Manager web application, so they can be sent to EnterpriseDT and included in the distribution.
  • Ensure SHA256 is used in FTPS peer signing if supported by the client.
  • Fix bug where transfers to/from network folders with custom credentials can be cut short.
  • Fix autoban duration to be always in seconds.
  • Fix license import bug in command-line license tool.
  • Fix bug in Windows AD group sorting and removal (after sorting, removal removed a non-selected group).
  • Fix bug in sorting user data on the CompleteFTP manager's user panel.
  • Fix bug in real-time logging (managled messages).
  • Fix bug where file sharing fails when home dir is set to root for a user.
Version 22.1.3
(15 August, 2022)
  • Fixed bug causing HTTP login page to fail to render (only when public HTTP access was disabled).
Version 22.1.2
(5 August, 2022)
  • Make all pages in Login, Logout and Account localizable. Japanese translation of these pages.
  • Allow configuring of server-sig-algs string via SSH/SFTP server host algorithms. This allows the server to send a SSH_MSG_EXT_INFO message to the client to indicate what client public key algorithms will be accepted.
  • Upgrade-proof user customization of HTML pages.
  • Fix key re-exchange bug introduced in previous version. If a client supports server-sig-algs the server sends a SSH_MSG_EXT_INFO message on connection. In the previous version, it also sent SSH_MSG_EXT_INFO during key re-exchange, which is incorrect.
Version 22.1.1
(5 July, 2022)
  • Recursive search added to web-based File Manager.
  • Fixed infinite loop in gateway that occurs if the remote file is truncated during transfer.
  • Fixed security vulnerability in HTTPS.
  • Fix bug in rsa-sha2-256 and rsa-sha2-512 host key algorithms.Implement rsa-sha2-256 and rsa-sha2-512 for user authentication.
Version 22.1.0
(11 May, 2022)
  • Add support for ssh-256-rsa and ssh-512-rsa in SFTP.
  • Support new PuTTY private key format (v3) for SSH private keys.
  • Allow S3 folders to use role based security instead of secret keys.
  • Add AdminAPI: REST API for CompleteFTP administration.
  • Can now specify key size for certificate signing requests (CSRs).
  • The CompleteFTP Manager now (mostly) supports other languages (Japanese to begin with).
  • Fix HTTP PUT failure when home-root is enabled.
  • Fix Amazon S3 folder issue, where only one S3 bucket could be accessed by a user in one session.
  • Fix timeout issue in HTTP uploads.
  • File-manager: Change appearance of breadcrumb to a simple slash-separated path.
  • File-manager: added refresh button to update listing.
  • User Guide improvements and updates.
Version 22.0.2
(22 February, 2022)
  • Fix certificate loading issue for private keys in PEM and PVK formats.
  • Unknown FTP commands ignored after logging in.
Version 22.0.1
(10 February, 2022)
  • Add random read access to AzureFileAdapter.
  • Rename Enterprise Edition to Enterprise MFT (Managed File Transfer Edition).
  • Fix SAML bug where HTML appended to SAML metadata.
  • Fix "Save Diagnostics" in the manager (broken in 22.0).
  • Fix license utility (broken in 22.0).
  • Allow CLNT and CSID without being logged in.
  • Check for 64 bit Windows in installer.
Version 22.0.0
(24 January, 2022)
  • Now a 64 bit Windows application.
    IMPORTANT! Firewall rules will need to be updated as CompleteFTP executables are now under C:\Program Files rather than C:\Program Files (x86).
  • Replace SQL Server Compact with SQLite for configuration database.
  • Improve installer for upgrades (no longer forces uninstall of previous version).
  • Improve iOS support in the file-manager (use double-press instead of long-press).
  • More meaningful error message when sharing from Azure and Amazon folders.
  • Passive FTP: accept data connections from white-listed IP addresses. Allows CompleteFTP to operate behind active/active firewalls requiring use of SNAT, including the Azure firewall.
  • Remove simple permission model - all editions now use the advanced permission model.
  • Improve handling of unknown commands in FTP.
  • Disabled elliptical curves in TLS that are non-compliant with PCI DSS requirements.
  • Add uname to SSH commands.
  • Support regular expressions in filename filters (via a 'regex:' prefix).
  • Support for new OpenSSH private key format.
  • Add support for reading ECDSA private keys in PuTTY format.
  • Restore original default autoban setting of 60 seconds for sample period.
  • Fix issue opening private key files (PVK) on certain machines (usually as part of loading a CA certificate).
  • Support for opening mp4 files from file-manager.
Version 21.1.0
(6 September, 2021)
  • Improve autobanning to prevent repeated failed connections. Increase default autoban counting period to 300 seconds for new installations.
  • Add copy menu item to user list.
  • Lots of minor improvements to the CompleteFTP manager GUI.
  • Fix issue of configuration database bloating if IP address of server is regularly changing.
  • Add support for importing ECDSA keypairs in new OpenSSH format.
  • Add support for user@domain syntax for Windows users when logging in.
  • Fix append for Azure files.
  • Add test Unix command to the command-line shell.
  • Enable Manager to be localisable by users. Localise side-menu to Japanese. Add Japanese translation for the web file manager.
  • Add support for long path names. Requires minimum Windows 10 version 1607, or Windows Server 2016, and LongPathsEnabled to be set in the registry. This doesn’t allow file-names > 255 chars as Windows doesn't support this - it is only paths.
  • Hide keys in Azure and S3 configurations.
  • Add SELECT support to cftpconfig.
  • Log memory consumption on user login/logout.
  • Add support for groups and public keys in web admin.
Version 21.0.1
(9 June, 2021)
  • Fix decryption issue for Encryption at Rest.
  • Fix permission error with JSS authenticators that access the virtual file-system.
  • Fix User Guide search.
Version 21.0.0
(19 May, 2021)
  • Add Two Factor Authentication (2FA) to HTTPS (Enterprise MFT).
  • Add support for CompleteAgent automatic downloads (Enterprise MFT).
  • Strengthen security in JSS scripting (used in web file-manager).
  • Add %protocol% macro for email notifications.
  • Script chaining in JSS web apps. Combined HTML/JSS files (.htmljss).
  • Implement SITE HELP command.
  • Use SHA256 to sign certificate requests.
  • Allow SIZE to be sent during FTP transfers.
  • Implement exporting of ECDSA public host keys.
  • Web-based account management added.
  • Fix issue where the PASV IP address could not be entered.
  • Strengthen Encryption At Rest.
  • Fix bug in event scheduler where monthly events get stuck in a loop.
  • Fix race condition when creating temporary scriptN.bat files for process triggers.
  • Fix bug with ReportDecryptedSize - it was causing HTTP downloads to fail because the wrong size was being reported and used for content length.
Version 13.1.3
(1 February, 2021)
  • Fix issue of manager hanging on initial connection (introduced in 13.1.2).
Version 13.1.2
(27 January, 2021)
  • Add 'user matching' option for the SAML authenticator, which causes CompleteFTP to use the settings of the CompleteFTP with the same username as the user logging in via SAML.
  • Fix ConsumeWindowSpace issue with SunOS sftp client.
  • Don't return an error in SFTP when a client attempts to cd to the parent of root (/).
  • Fix FTPS bug - VMware backup was failing with a decode error.
Version 13.1.1
(14 December, 2020)
  • Upgrade SAML library to help resolve some customer issues. Improve signature verification.
  • Add "Report Decrypted Size" as a user setting and remove the site setting.
  • Improve Active Directory authenticator by better checking that a user is in certain AD groups (now takes domain name into account).
  • Render HTML files opened from the file-manager as plain text (to prevent XSS attacks).
  • Add Swedish to web-based file-manager.
  • Close a vulnerability to oversize messages prior to authentication.
  • Produce an informative error message when incoming passive FTP connections fail.
Version 13.1.0
(18 November, 2020)
  • Add IPv6 support for all protocols. For FTP/FTPS, this includes EPRT/EPSV support.
  • Add ECDSA support. This includes ECDSA key exchange algorithms, ECDSA host keys and ECDSA user keys.
  • If encryption at rest is enabled, the size of encrypted files is reported incorrectly as it will include the file header containing encryption data. The ‘Listings show decrypted size’ setting in the Encryption At Rest section of File System Settings can be checked to obtain the true file sizes. Note that this has a performance cost for directories with many files, and so it is not enabled by default.
  • Simplified Windows/AD group configuration so that if the defaultWindows user is used as the template user, it will work with normal paths set for the home directory (previously it did not, and only supported Windows special folders).
  • Fix HTML error template Javascript injection attack vulnerability.
  • Add support for STRU F in FTP/FTPS (as Azure seems to require it).
  • Provide a way for migrated free edition installations to be reactivated.
Version 13.0.1
(7 September, 2020)
  • Improve memory management in SFTP.
  • Fix issue in SFTP where occasionally a file would be locked.
Version 13.0.0
(24 August, 2020)
  • Announcing the first release of CompleteAgent - a client-side Windows service and command-line tool that is designed for performing robust, automatic uploads to CompleteFTP. It requires CompleteFTP Enterprise Edition.
  • Added setting that allows overwriting of files on rename.
  • Added advanced Active Directory group integration with CompleteFTP groups.
  • Improve authentication speed for Automatic Windows Users.
  • Changing Windows permissions of existing directories can be very slow (and sometimes times out), so now only newly created Windows directories will have Windows permissions set.
  • The new file-manager now allows a single folder to be downloaded as a ZIP file.
  • Added support for extended master secret in TLS 1.2.
  • In SFTP, queue FXP_REMOVE and FXP_RENAME requests to prevent delete and rename failures after upload (because the server is still processing write requests).
  • Remove need to re-enter password when upgrading or reinstalling from versions after 13.0.
  • Major revision of user guide. Now more modern and mobile-friendly. Numerous fixes.
  • Enable changing passwords of Windows users (local and AD) via HTTP.
  • Bug fixes in HTTP PUT. The the HTTP reply (200) was sent back to the client too early, and in some cases the client was immediately closing the connection rather than completing the PUT.
  • Ensure Powershell scripts work with Powershell 5.x (so if Powershell 2 is disabled, scripts still run).
Version 12.1.5
(12 February, 2020)
  • Add support public key authentication in the gateway authenticator.
  • Improve the internal web pages.
  • Fix bug maximizing the manager on a secondary monitor.
  • Fix bug when Automatic Windows Users log in via public key authentication - password authentication was not used and so even though the login seemed to succeed, operations would later fail.
  • Auditing now reports transfer errors - previously a partial transfer was not recorded as a failure.
  • Fix issue re certain external RSA keys failing to be loaded.
  • Fix file sharing for active directory users.
  • Fix memory leak when custom command called from process trigger.
  • Allow adding cluster nodes with same SID.
Version 12.1.4
(7 October, 2019)
  • Fix append issue in FTP for certain VM configurations.
  • Security fix for manager password saving.
  • Security fix for SSH exec - now restricted to members of 'admins' group.
  • Security fix for new filemanager node permissions.
  • Jquery update.
  • Optimise when user-profile is loaded.
  • Fix installer issue with non-canonical access control lists.
  • Fix for importing latest Filezilla server config.
Version 12.1.3
(9 September, 2019)
  • Enable rename command to be called after PASV in FTP.
  • Update script engine.
  • Ensure manager supports TLS 1.2 for HTTP requests (such as checking latest version).
  • Fix manager bug with expand arrow for Quotas & Limits category hidden in some skins.
  • Installer security fix.
  • Remove direct dependence on CryptoAPI for TLS 1.0 and TLS 1.1.
  • Use ephemeral RSA keys to prevent buildup of files in MachineKeys folder.
Version 12.1.2
(16 August, 2019)
  • Add AES Galois Counter Mode (GCM) cipher suites to TLS.
  • Change email notifications to use TLS 1.2 if available.
  • Fix ConsumeWindowSpace issue.
  • Change the URL the manager contacts to find the latest version to HTTPS.
  • Improve Automatic Windows Users for authenticating groups in other domains.
  • Fix Gateway issue: changing permissions causes an error for FTP/FTPS.
  • Fix signature issue verifying SAML responses.
Version 12.1.1
(17 June, 2019)
  • Add diffie-hellman-group14-sha256 to SSH key exchange.
  • Audit and diagnostic log files now support non-ASCII characters.
  • Support modifying permissions from SFTP client via gateway folder to remote SFTP host.
  • Fixed a bug in SFTP directory listings (permissions and owner were sometimes incorrect).
  • Installer now prompts to remove previous installation to prevent issues with non-standard install locations.
  • Fix poor handling of permission denied error in new file-manager.
  • Web file-manager can now download multiple files.
  • Fixed SCP bug where could not upload a file when the filename contains Unicode characters.
  • Fixed SCP bug where could not upload a file after failing to upload a file blocked by a filename filter.
  • Fixed bug where generating RSA keys of keylengths not divisible by 8 caused an error. Now keylengths must be a multiple of 8.
  • Fixed annoying bug in manager GUI where changes to SFTP advanced properties did not trigger the enabling of the Apply Changes button.
  • Fixed error that occurs when clicking the CompleteBox icon in the system tray.
  • Minor documentation fixes.
Version 12.1.0
(31 March, 2019)
  • Password-protected sharing in CompleteBox.
  • Import PEM format certificate/private keys for server certificate.
  • Support for downloading a single dynamically created file that contains a recursive directory listing.
  • Add CSID and CLNT FTP commands.
  • Fix bug where RSA keys were generated with 2,047 bits instead of 2,048 bits.
  • Enable PASV and STOR/RETR FTP commands to be separated by other commands to support clients that do this.
  • Support SAML group claim and a custom attribute called 'group' to allow CompleteFTP group membership to be specified via IDP.
  • Numerous bug fixes in CompleteBox.
  • Improved memory usage when downloading large files via SFTP.
  • Fix for ncftpput clients hanging.
  • Fix for bug introduced in 12.0 where authentication would fail if the Domain Users group was specified as allowed group for automatic Windows users (AWU).
  • Support for better integration with SyncbackPro.
Version 12.0
(5 December, 2018)
  • New Web file-manager which includes file-sharing.
  • New WebAdmin application for basic user administration.
  • File system adapters for Amazon S3 and Azure
  • TLS/SSL certificate expiring event.
  • Many enhancements to the JSS (Javascript Serverside) Config API.
  • Add authenticator panel to users panel.
  • Ability to set a per-user home-root.
  • Enter path of Windows folders via text-editor.
  • Allow user to return a log-in-as user-name from their DB authenticator query.
  • Automatic Windows/AD authentication: Allow log-in-as user to be specified per AD group.
  • Expose client certificate to custom .NET authentication extensions.
  • Custom authenticators: make connection information accessible to authenticators.
  • Allow administrators to change folder type in the manager.
  • Allow administrators to add a date column in the real-time log viewer. .
  • Fix bug where HomeDirectory was ignored in advanced custom authentication extensions that use PK
  • Fix bug where 'Ignore filters' permission did not work properly for uploading of files via SFTP.
  • Fix CompleteBox errors after sleep/resume.
Version 11.0.6
(19 September, 2018)
  • Added Elliptic Curve key exchange algorithms for TLS 1.2.
Version 11.0.5
(25 July, 2018)
  • Fixed memory leak introduced in 11.0.3.
Version 11.0.4
(11 July, 2018)
  • Fixed bug where JSS mail attachments file streams were not closed, meaning the files were locked after sending.
  • Fixed ConsumeWindowSpace error that occurred with an SFTP client reading a file.
Version 11.0.3
(5 June, 2018)
  • Significant memory optimisation in certain situations for SFTP.
Version 11.0.2
(4 May, 2018)
  • Allow substitution of environment variables, such as %LOCALAPPDATA%, in network/macro folders.
  • Fix CompleteFTP manager bug where the error "Configuration changes have been made by a third party" prevents connecting.
  • Fix rare certificate issue where a microsoft\crypto\RSA entry is created by what ends up as an unresolved SID.
  • Fix logging bug where some log tags are blank, causing issues in real-time logging.
Version 11.0.1
(22 March, 2018)
  • Fix install failure on non-English installs (IdentityNotMappedException).
Version 11.0.0
(9 March, 2018)
  • Major new feature. Encryption at rest now supported.
  • Major new feature. CompleteFTP is now a SAML Service Provider.
  • Logout page now customizable.
  • Login page now responsive.
  • Various JavaScript Server-Side (JSS) enhancements, including the JSS Config API (in beta) that allows the user to make CompleteFTP configuration changes via JSS.
  • Enhancements to usermod command (Added enable flag and full-name argument).
  • Allow text selection in real-time logging view.
  • Fix issue where for certain users on Windows Server 2016 certificate generation was failing during installation with "Can't acquire cryptographic context" error message.
  • Simplify installer.
  • Minor CompleteBox fixes.
  • Fix ClientIP macro.
  • Fix bug where the manager was crashing when attempting to delete the server certificate of a non-Default site.
  • Fix bug where an error message was shown when trying to delete a secondary server from a cluster.
  • Failed logins now shown in audit log.
  • Minimum of .NET 4 required (earlier versions ran on .NET 2.0). Later versions such as 4.6 or 4.7 are also fine. Enterprise .NET extension DLLs must be recompiled with the .NET 4 framework. It can be downloaded from Microsoft here.
  • Tightened security of configuration data. WARNING! - users who have changed the 'log on' user of the CompleteFTP service from the default (i.e. local SYSTEM user) may need to manually configure Windows file permissions after installation (see here).
Version 10.2.1
(20 October, 2017)
  • Add support for HTTP 0.9 (used by some monitoring clients).
  • Added ability to enable and disable users in administrator scripting.
  • Fixed ClientIP macro in e-mail notification and process triggers
  • Fix permissions issue with multipart HTTP requests.
  • Configure scripting engine to work with .NET 2.0 and .NET 4.x.
  • Fixed JSS API documentation errors.
Version 10.2.0
(21 August, 2017)
  • Add server initiated key re-exchange for SSH.
  • Allow PASV to immediately follow PORT and vice versa for FTP/FTPS (first command is ignored).
  • Add CSRF token to web file manager to prevent CSRF attacks.
  • Added support for admin site authenticators.
  • Fix SSH bug when reading client version string.
  • Upgrade the binary that runs process trigger scripts (edtftp.exe).
  • Upgrade CompleteBox.
Version 10.1.1
(12 May, 2017)
  • Increase timeout when adding new secondary server to cluster, and make call asynchronous. Prevents timeouts for servers that take a minute or two to restart.
  • Fix bug where login failures caused by unrecognised user-names would only cause process triggers to be called if an alternative authentication method (such as AD authentication) was enabled.
  • Fix bug limiting the number of gateways that could be configured to three.
  • Fix gateway timestamp bug - gateway folders now allow timestamps of files to be set.
Version 10.1.0
(24 April, 2017)
  • New feature - added ability to add custom IP filter extensions (.NET or Javascript).
  • External database users can now use RSA & DSA public keys for authentication.
  • Added extensive step-by-step user tutorials.
  • Content-Type was missing in HTTP responses, which was a problem if X-Content-Type-Options "nosniff" is set, as the brower can no longer detect the content type.
  • Prevent the first "none" SSH auth method often sent by clients from triggering a failed login event.
  • Fix HTTP/HTTPS upload bug where multipart uploads ended up with an extra char.
  • Fixed bug where 'create a home folder automatically' when adding a new windows user can't be unenabled.
  • Fixed permissions bug in SCP transfers - impersonation wasn't working correctly initially..
  • Fixed issue with confusing log file entries.
  • Fixed HTTP login error that occurred when 'Use browser-based logins' and 'User's home folder appears as root' are both enabled.
  • Fixed numerous minor manager GUI issues.
Version 10.0
(21 December, 2016)
  • Major new feature - add ability to write process triggers in Javascript (JSS).
  • Modernize manager GUI with side menu.
  • User and site filtering in events (email and process triggers).
  • Add new system events (banned or autobanned IP address, server startup, clustering failure, certificate expiry).
  • Added TCP port usage view.
  • Numerous manager GUI fixes and minor enhancements.
  • Add ephemeral Diffie-Hellman (DHE) ciphers to FTPS, so perfect forward secrecy now supported.
  • Add ability to set additional HTTP headers so various security headers can be used.
  • Memory optimizations.
  • Disable SSH EXEC command in Standard Edition (and only enable in higher editions if SSH terminals are enabled).
  • Fix starting CFTP service from the manager (asks for elevated permissions).
  • Fix client certificate support in TLS 1.2 (i.e. FTPS).
  • Fix bug in FTP listing of absolute paths with a wildcard.
  • Fix bug where couldn't set the external passive IP if there was a 0 in the IP address.
  • Fixed bug where the manager gets into a loop if the real-time log download continually fails.
Version 9.1.3
(10 October, 2016)
  • Added ability to import Filezilla server users, folders and groups.
  • Fixed bug in gateway preventing multiple downloads and fixed issue with a SFTP <-> FTP failure.
  • Fixed bug in FTPS experienced when thousands of small files are transferred.
  • Fixed "invalid message number" issue experienced by WinSCP when transferring via SFTP.
Version 9.1.2
(12 September 2016)
  • Fixed SFTP bug that can cause server cpu to spike when certain clients such as perl sftp are used.
  • Fixed real-time logging bug that causes a loop in the manager when FTP is used as the connection protocol and real-time logging is enabled. Workaround is to use the default SFTP protocol to connect manager to the server (on port 14983).
Version 9.1.1
(30 August 2016)
  • Fixed cluster bug stopping servers from being added and also preventing synchronization (introduced with automatic deactivation in 9.1.0).
  • Fix for "Unable to load DLL 'dwmapi.dll'" error in CompleteFTP manager on Windows 2003 Server.
  • Fixed bug where min/max/close wouldn't be visible in Windows 2008.
  • Fixed bug preventing macros from working when used in names of virtual file-system folders.
  • Fixed bugs in new certificate chain importation feature - some certificates failed to load.
  • Fixed bug on machines with desktop logins disabled that allowed users to access folder that they did not have Windows permissions to access.
  • Prevented deactivation of servers if current activation key is invalid (esp if config moved to new machine).
  • Added error-message if user tries to deactivate on machine with invalid activation key.
Version 9.1.0
(5 August 2016, see also 9.0.1 changes)
  • Release of Free Edition supporting FTP and FTPS.
  • Support for automatic activation and deactivation added.
  • Added support for Tags in authentication extensions.
  • Various Javascript Server-Side (JSS) fixes and improvements:
    • Fixed bug preventing multiple JSON DBs
    • Added tags property to system.user.
    • Added adapterAbsolutePath to File objects.
    • Prevent circular includes.
    • Added support for x-www-form-urlencoded (i.e. standard form) encoding in HTTP POSTS.
Version 9.0.1
(19 July 2016, not made generally available)
  • Support for loading of intermediate SSL certificates, and sending the entire certificate chain to clients.
  • TLS 1.2 fix where signalling ciphers were being selected as genuine ciphers. Error in debug log was "Offset and length were out of bounds for the array".
  • Ensure FTP welcome message and SSH user auth message is converted to ISO-8859-1 (as some Unix clients can't cope with UTF).
  • Improve efficiency of SFTP threading when many small files are transferred.
  • Fix FTP directory listing so wildcards are handled.
  • Improve memory utilisation with the multiprotocol gateway.
  • Ensure clients don't complete a transfer until the secondary transfer is complete in the multiprotocol gateway.
Version 9.0.0
(23 March 2016)
  • Real-time log viewing in CompleteFTP Manager.
  • Script-based extensions. Authentication, file-system and custom command extensions can now be written in Javascript (JSS) and entered directly into CompleteFTP Manager. Enterprise MFT only.
  • Read-only sites. Sites can be switched to read-only using a single checkbox.
  • Added FTP STAT command.
  • Added passwd command to SSH shell so internal users can change their password.
  • Groups can now be set from authentication extensions.
  • New flat look-and-feel for CompleteFTP Manager.
  • Many improvements to JSS resulting from the development of our customer portal, edtConnect, which is hosted on CompleteFTP. Most notable is the introduction of JSON-DB - an indexed database where objects are stored in individual JSON files.
  • Changed gateway so that FTPS can specify max & min SSL connections.
  • Upgraded log4net DLL to 1.2.15. Resolves syslog bug in earlier log4net DLL.
  • Fixed SCP bug where filenames containing spaces could not be downloaded.
  • Fixed WinSCP issue where a directory's name was appearing in its content listing.
  • Fixed anonymous HTTP bug.
  • Fixed HTTP session time-out bug. Session time-outs were measure from time of login rather than time of last access.
  • Over 60 minor bug fixes and enhancements in CompleteFTP Manager resulting from a comprehensive usability review.
  • Made a start at improving CompleteFTP Manager's accessibility by making more user-interface elements compatible with Windows Narrator. It's still early days, so we're looking for feedback on this.
Version 8.5.1
(15 January 2016)
  • Fix bug affecting database authentication logins (login failure).
Version 8.5.0
(30 November 2015)
  • Password hashing now uses PBKDF2-SHA256.
  • New command-line commands for administering permissions (chmod, chown).
  • Support for TLS_FALLBACK_SCSV in TLS.
  • Fix bug in SSL3 renegotiation.
  • Change anonymous FTP behaviour so that if disabled there is still a password prompt.
  • Fix issue where login failures did not trigger the login event when set.
  • Remove RC4 support from default ciphers (as no longer regarded as secure).
  • Fix issue where downloading files with special chars in their name from HTTP works on Firefox but not with Internet Explorer.
  • Fix bug where all connections in the manager application are shown as from one user.
Version 8.4.0
(9 October 2015)
Version 8.3.3
(7 September 2015)
  • More efficient memory utilization, and now uses .NET 4.x framework if it is installed.
  • Bugfix for scheduled events, where some events were not firing due to a race condition.
  • Bugfix for downloading from a zip folder.
  • Fixed OpenSSH 6.7 (and higher) issue using HMAC SHA2 with SFTP.
  • Fixed incorrect IP address in logging.
Version 8.3.2
(22 July 2015)
  • Now reuses PASV port for the same client, meaning PASV port range is used more efficiently.
  • Fix to FTPS implicit mode.
  • Better throttling of server messages being sent to clients, reducing memory consumption.
  • Fix to SSH key re-exchange when initiated by clients.
  • New version of CompleteBox (1.1.1) included.
Version 8.3.1
(17 June 2015)
  • Replace Microsoft HMAC in SSH/SFTP as it was causing problems for a user.
  • Fix a directory traversal security vulnerability.
  • Minor fixes to logging.
Version 8.3.0
(8 May 2015)
  • Added scheduled events. This means events can be set up to fire at a predefined schedule, such as once per hour or at midnight every weekday.
  • Selectable ADO.NET providers for database authenticator.
  • Add SHA1 to database authentication option, so now MD5 and SHA1 are supported.
  • A user's Active Directory home directory can now be set as a macro variable.
  • Set service recovery options to automatically restart for new installations.
  • If the anonymous user is disabled in FTP, give an error rather than prompting for password.
  • Fix issue with certificate signing requests that meant Verisign/Symantec would not accept them.
  • Make IPAddresses configuration field larger so more network interfaces can be supported.
  • Gateway authenticator fix - for multiple authenticators, the connection details of the first remote server were being re-used.
Version 8.2.0
(18 March 2015)
  • Per-user IP filtering.
  • Add SHA-1 password hashing to Authenticator. Now extensions can use SHA-1 hashed passwords.
  • Revert to using SHA-1 in certificate signing requests (CSR) because Verisign doesn't accept SHA-256 requests!
  • In CompleteFTP manager, the FTP/FTPS Server Certificate property is now also available under Advanced HTTP/HTTPS Settings.
  • There is now an Extensions directory for loading extension assemblies from.
  • Allow filenames which have '...' as part of the name(three dots).
  • Many new Javascript Server-Side (JSS) features.
  • New maximum connections per user setting.
  • Fixed issue starting CompleteFTP manager on .NET 4.x-only installations on machines with non-English Windows. Manager would terminate with a FileNotFoundException referencing CompleteFTPManager.resources.
  • Fixed issues with initial blank page appearing after logging in via HTTP/S.
  • Fixed "Couldn't create unsigned certificate" exception that occurred on install with Windows Server 2003.
Version 8.1.6
(11 February 2015)
  • Use SHA-256 for certificate requests (CSRs) and for generating self-signed certificates.
  • Can now downgrade the edition automatically when applying purchased activation key.
  • Added lrename and ldelete to FTP scripting engine, and direct debug output to server log.
  • Add ability to export IP filter data from manager.
  • Modify installer so that CompleteFTP service is not removed when installer is run (if it exists).
  • Tidy overview panel.
Version 8.1.5
(16 January 2015)
  • Permit USER/PASS commands to be sent after logging in as per RFC 959.
  • Drag and drop for IE in the web file manager.
  • Fixed short timeout for starting downloads in web file manager.
  • Fix Gateway problem of closing the FTP connection when accessing a gatewayed FTP server via HTTP.
  • Fixed bug with default domain being cached when authenticating via automatic Windows users.
  • Improve memory management for SCP transfers of large files.
  • Fix OnChannelClosed() exceptions in log in SFTP.
  • Fix unusual stability issue reported by a user.
  • Fixed some URLs in the manager application.
Version 8.1.4
(5 December 2014)
  • Improve performance of SFTP under heavy load, and generally reduce memory consumption.
  • Include client's IP address in logging.
  • Improve TLS session resumption.
  • Fix disabling of SSL renegotiation.
  • Store logging config in separate file so that it doesn't get overwritten on reinstall.
  • Resizable panels in the group view, process trigger and email notification panels.
  • Undeprecated IUserInfo.HomeDirectory.
  • Fixed pscp bug where "Lost connection" was seen.
  • Fix HTTP/S intermittant download failures.
  • Fix gateway OutOfMemory error for large transfers.
Version 8.1.3
(22 October 2014)
  • SSL 3.0 is now disabled by default for FTPS and HTTPS. This was motivated by the POODLE vulnerability in SSL 3.0.
  • Added hmac-sha2-256 and hmac-sha2-512 support to SSH/SFTP.
  • Optimize use of SMTP client for the server so that email triggers scale better.
  • Fix minor installer issues - some files weren't being deleted on uninstall, and the manager is now detected if running when the installer is started.
  • Ensure that the Admin site is always listening on localhost no matter what configuration changes are made.
  • Fixed an SFTP bug that caused problems for file transfers in the multi-protocol gateway.
Version 8.1.2
(26 September 2014)
  • Add the ability to prevent files with name matching set filemasks from being uploaded or renamed to.
  • No longer a restriction on number of gateways that can be set up.
  • Improved error-reporting in web file-manager.
  • Updated the edtftp.exe scripting binary - adds some new features.
  • Fixed problems with multi-file upload in web file-manager ('invalid backend response' error).
  • Fix hanging session problem for users with disk quota.
  • Fixed "The path is not of a legal form" error in process trigger.
  • Fixed bug in adding multiple non-Windows users, which added a generated username if the user was already present.
Version 8.1.1
(29 July 2014)
  • Change from superceded OID for sha1withRSA to PKCS#1 OID in certificate request generator.
  • Fix bug where HTTP SSL ciphers couldn't be disabled.
  • Fix problem of Filezilla 3.6.x and later versions getting a parse error on newly generated self-signed certificates in FTPS.
  • Now rejects client-initiated SSL renegotiation.
  • Fixed cross-site scripting security hole.
  • Fix quota bug for random write access.
  • Fix problem where clients that stop transmitting during transfers but keep connection open do not time out.
  • FIx so that Chrome FTP works correctly (sends two PASV commands).
  • Rationalise macros across email & process triggers.
  • Fixed search in CompleteFTP manager.
  • Fixed bug where HTTP failed on a site if anonymous user was disabled for that specific site.
  • Fix Elfinder download bug which occurs when home is set to root.
Version 8.1.0
(24 February 2014)
  • Numerous improvements to the CompleteBox file-sharing client, including file synchronization.
  • Multi-protocol wrapper now supports publickey authentication for SFTP.
  • SSH user authentication methods can now be specified on a per user basis in the Enterprise Edition.
  • Discard changes button in the manager client.
  • Search added to User Guide, and PDF version included.
Version 8.0.1
(12 December 2013)
  • Add HTTP PUT.
  • Fix bug where some users received an "Index does not exist" error message in the CompleteFTP manager when deleting a folder.
  • Fix CompleteBox right-button click from Windows Explorer stopped working bug.
Version 8.0.0
(2 December 2013)
  • Added support for file-sharing, via a file-sharing client, CompleteBox.
  • Added the ability to write web-apps in Javascript, making CompleteFTP a powerful platform for developing file-oriented web applications.
  • Improved ability to download diagnostic information for support.
  • Significantly improved HTTP support.
  • Many minor enhancements and bug fixes.
Version 7.4.0
(4 October 2013)
  • SSH local port forwarding added, so that SSH tunnels can be set up.
  • Add new SSH admin shell commands: folderadd, foldermodify, folderdel.
  • Added timestamp preservation to scp.
  • Added SSL session resumption to FTPS.
  • Implemented rename in the Gateway.
  • Fixed a connection leak in the Gateway.
  • Fixed incorrect key fingerprint displayed for user keys.
  • Implemented FXP_FSETSTAT in SFTP.
  • Fixed scp file overwrite bug.
  • Fixed bug where RSA host key length was only 1024 in new sites - now 2048 bits.
  • Manager does not need to be running as administrator to import a new certificate and PVK file.
  • Fix disk quota bug.
  • Fix cyclic error message when using cp and mv commands in the SSH shell to copy a file into a subdirectory.
  • Ensure allowed protocol list is viewable in Standard Edition.
Version 7.3.0
(3 June 2013)
  • Addition of an "Allow always" category in IP filtering. These IPs can't get autobanned.
  • Allow numeric ranges in IP filters.
  • In SFTP, if file exists don't send an error in response to FXP_STAT if size or last modified time can't be obtained. This helps some Unix SFTP clients to work correctly.
  • Improved connection establishment performance by using cached local IPs.
  • Fixed bug where HTTP session timeout of 0 was not infinite.
  • Fix problem in email triggers where duplicate emails were sent under certain circumstances.
  • Move jquery code to local disk to prevent security error.
  • Call Dispose() on extensions.
Version 7.2.1
(23 April 2013)
  • Now Windows Server 2012 certified.
  • Improved installer to better detect .NET versions.
  • Fixed bug in SSH authentication when not all auth methods enabled.
Version 7.2.0
(21 March 2013)
  • Added HTTP file management - a Javascript file manager supporting upload, download, file viewing and more. Professional and Enterprise Editions only.
  • Added support for Windows RODCs when listing users (previously needed to be writable).
  • Enabled public key authentication to be used with Automatic Windows Users (the password must still be supplied).
  • Database authentication now supports use of password salts.
  • Allow admin user-name change in Standard and Professional Editions.
  • Make sure # can be used in file-names in HTTP.
  • Minor display bug fixes in the CompleteFTP manager.
  • Documented how to achieve syslog integration.
Version 7.1.2
(5 February 2013)
  • Unlimited-size, unbuffered HTTP uploads. Previously uploads were capped at 20MB because they were buffered in memory before being written to disk.
  • Added support for customized and automated installation.
  • Corporate Editions now come with an optional universal activation key (so that online activation is not required).
Version 7.1.1
(18 December 2012)
  • Performance enhancements.
  • Fixed SFTP bug where if first_kex_packet_follows=true is set, the guess is handled incorrectly.
  • Fixed "Server offline" bug, where if the server is taken offline in the manager, it can't easily be put online again.
Version 7.1.0
(26 November 2012)
  • Added support for customizable HTTP listings.
  • Added support for remote ZIP-file navigation. ZIP-files on the server can now be mounted as a directory, changed into, and individual files retrieved (write is not supported as this stage).
  • Added support for SSH keypair generation for users.
  • Make restarts of file downloads possible for > 2GB restarts (in FTP and FTPS).
  • Login/logout events in HTTP.
  • Add Groups to ISession for use in extensions.
  • Disallow slashes in virtual folder-names and prevent duplicate folder names. Add hidden folder flag for virtual folders.
  • Allow CoreFTP to use MDTM in a non-standard way for compatability.
  • Add option to exclude admin logging in log-view
  • Make virtual directories non case-sensitive.
  • Fix broken audit log, which wasn't logging anything.
Version 7.0.1
(5 October 2012)
  • Make CompleteFTPServer.dll strongly named.
  • Add the FilenameOnly listing format for FTP.
  • Enable macros to be placed in the names of virtual folders.
  • Fixed trial installation problem where the error "Key not valid for use in specified state" was seen.
  • Fixed bug applying Windows permissions of auto-created folders.
  • Fixed folder re-ordering bug that occurred when renaming folders.
Version 7.0.0
(20 September 2012)
  • Major new feature - cluster support in Enterprise Edition!! This means configuration changes on the primary server in the cluster are automatically propagated to the secondary servers. Very useful for failover and load balancing.
  • Added ability to add users via a script.
  • Fixed listings so if a single file was specified, its details are shown.
  • Added IsValidRSAKey and IsValidDSAKey methods to Authenticator so that users can validate public keys themselves as part of implementing an authentication extension.
Version 6.4.2
(23 July 2012)
  • Groups can now be defined for database users by providing an additional field in the query that supplies a comma-separated list of group-names.
  • Ensure any temporary script files are created by the process user.
  • Make standard RSA keylengths 2048 bits (increased from 1024 bits).
  • Fix bug when trying to log in as a disabled user (IsAnonymous NRE).
  • Fix security vulnerability in directory navigation.
  • Fix potential security vulnerability in SSH DSA signing. Thanks to Nadia Heninger for pointing this out.
  • Fixed bug that made using multiple email addresses as targets for email triggers difficult to use.
Version 6.4.1
(28 May 2012)
  • Modify response when anonymous user is disabled so that Internet Explorer pops up its login prompt.
  • Fix bug where PVK files generated during CSR creation failed to import when a new certificate was being imported.
  • Fixed bug in when adding multiple Windows users. If UseHomeForAllSites was not selected then would get "Please make sure every enabled site has a home-folder defined."
Version 6.4.0
(7 May 2012)
  • Added support editing of properties of multiple users in a single operation. Users can be selected by group membership and wildcard filter. Users may be added to groups when they're being added using the 'add multiple non-Windows users' form.
  • Group membership is now shown in the user-list in the Users panel.
  • Users can now be set an expiry date beyond which they cannot log on.
  • Added support for the generation of Certificate Signing Requests (CSRs) via the CompleteFTP manager.
  • Made it easier to implement custom authenticators, and added support for doing public key authentication.
  • Added support so that SSH/SFTP users can change their passwords if this is permitted.
  • Added support in custom authenticators for forcing password changes for SSH/SFTP users.
  • When using FTP scripts as process triggers, sometimes they fail with the error "The directory name is invalid". Now fixed. Also upgraded script engine.
  • Fixed bug where automatic Windows users failed to authenticate in HTTP/HTTPS.
  • Permit paths to contain ':'.
  • Fix bug where the manager overview panel fails to restore after minimizing.
Version 6.3.0
(27 February 2012)
  • Add HTTP to the multiprotocol gateway (Enterprise MFT only).
  • Add new macros, TIMESTAMP:format and TransferStatus for use in events.
  • Create new email notifications and process triggers by copying existing ones.
  • Redirect to user's home directory when logging in via /login page in HTTP.
  • System folders can now be viewed in folder browser in folder tab of manager.
  • Minor GUI improvements in the manager.
  • Fix bug where encrypted passwords were enabled and changing the admin password meant they could not be decrypted (and resulted in an error being displayed).
  • Fix trigger macro bug where WindowsPath and WindowsFolder macros were returning incorrect values when the home-appears-as-root feature was enabled.
  • Fix bug in email triggers where "Notify on Error" could not be saved.
  • Fix problem with license.exe - error message was "Could not load file or assembly 'System.Data.SqlServerCe, Version=".
  • Fixed file-system permission problem, which applied incorrect folder permissions for sub-folders if "User's home appears as root" was enabled. Previously the permissions of the user's home folder would be applied to all subfolders, overriding any that may have been defined for these.
Version 6.2.0
(28 December 2011)
  • Major Enterprise Edition feature added - the Gateway. This allows CompleteFTP to act as a gateway to other FTP servers - translating protocols in the process.
  • Added ability to define custom MIME types.
  • Permit non-Windows users to use the SSH terminal.
  • Minor bug fixes, and tweaks to manager GUI.
  • Fix bandwidth limiting bug in SFTP.
  • Fixed bug where invalid event data could hang subsequent events.
Version 6.1.0
(20 November 2011)
  • Introduced overview panel for Complete FTP Manager.
  • Added support for HTTP FORM uploads.
  • Make SFTP the default protocol for the Complete FTP Manager for new installations.
  • Add flag to enable support of backslashes in paths.
  • Fix HTTP session bug that can result in multiple authentication prompts.
  • Simplify installer options and operation.
  • Fix bug re client certificate authentication. Enforce admin permissions for managing the trusted certificate store.
Version 6.0.0
(23 August 2011)
  • Major Enterprise Edition feature: added support for multiple sites.
  • Added HTTP directory listings (Professional and Enterprise Editions).
  • Fixed bug preventing change of directory with a relative path into a virtual dir.
  • Fixed bug giving inconsistent timestamps for virtual dirs.
  • Fix bug where administrator password could not be changed if SFTP protocol was chosen.
  • Added support for multiple deletion of folders and users.
  • Improved memory management significantly.
  • Allow indefinite auto-bans (i.e. until next server restart).
  • Allow additional administrative users.
  • OPTS UTF ON/OFF added for FTP.
  • Make contextual help hidable.
Version 5.2.1
(18 May 2011)
  • Introduction of Enterprise Edition with support for custom extensions for authentication, events, site commands and the file system.
  • If AUTH argument not understood the client can now respond with USER if FTPS is not mandated.
  • Now examines the first character of the TYPE argument and compares with I or A rather than comparing the entire argument string.
Version 5.2.0
(27 April 2011)
  • When adding multiple Windows users a single home directory can be now be specified (usually a macro folder).
  • Added read-only flag for users. If a user is readonly then uploading (and other write operations) is not permitted for that user regardless of what file permissions are set.
  • Make FEAT more RFC compliant (remove '211-' in front of each feature in the list).
  • More firewall friendly for FTP active mode transfers (server binds to FTP data port 20).
  • FTP commands are now uppercased to cater for clients that send 'pasv' rather than 'PASV'.
  • Improved installer. Status updates are only displayed for certificate and key generation if they are actually being generated.
  • Fixed bug caused by clashes between naming of virtual file-system folders and Windows file-system folders. Windows folders now take precedence.
  • Prevent a file being closed prior to last FXP_WRITE by queuing the message (also for FXP_SETSTAT).
  • Fix bug limiting the number of email notifications (again!), and a bug where changed notifications were saved to the config database but not immediately applied.
  • Fix bug preventing notifications for HTTP.
  • Fix SFTP authentication bug re enabled flag.
  • Fix Windows user directory traversal bug.
Version 5.1.1
(15 March 2011)
  • Fixed bug where FTP connection would be broken by the passive wait timeout if there was a error while getting a listing or transferring in passive mode.
  • Fix bug in "Admin" configuration re error message "The value for column "ExtUserID" in table "Site" is DBNull".
  • Fix bug in email and process trigger filename filters, where wildcards were being treated as regex's.
Version 5.1.0
(21 February 2011)
  • Permit export of server's private key to file (only if manager is running locally).
  • Fix for Fetch (Mac OSX), which can't cope with FXP_READ replies that are out of order.
  • Fix for scp when "User's home folder appears as root" is set.
  • Fix in FTP so that 550 is returned when attempt made to delete a non-empty directory.
  • Support for aes128-ctr, aes192-ctr and aes256-ctr in SFTP added.
  • Support for diffie-hellman-group-exchange-sha1 and diffie-hellman-group-exchange-sha256 in SFTP added.
  • Fixed bug re anonymous user being permitted when the anonymous user was disabled (but anonymous enabled in Settings).
  • Fixed bug with multi-line welcome text in FTP when product details are hidden (Windows 7 ftp.exe hung).
  • Automatic backup of configuration file on a daily basis (if altered).
  • Fix for infrequent occurrence of server stopping listening.
Version 5.0.0
(20 December 2010)
  • Now supports HTTP and HTTPS.
  • Added support for external users via an OLEDB connection.
  • Added support for bulk user imports.
  • Process triggers now support FTP scripts.
  • Now supports TLS 1.1 for FTPS.
  • Handles anonymous user logins in a more standard manner for FTP.
  • Improved scalability re simultaneous connections.
  • Add login and logout event auditing.
  • SITE commands now case insensitive.
  • Listeners are started/restarted appropriately when "Apply Changes" is selected in the manager and protocols have been enabled or ports changed.
  • Can now hide product and version number in welcome messages/banners, for PCI compliance.
  • Fixed error with FTPS implicit where AUTH is (unnecessarily) required to be sent by the client.
Version 4.1.0
(10 September 2010)
  • Pro version now supports multiple SSH keys per user.
  • Fix bug where timestamp of newly uploaded file can be incorrectly set.
  • Implicit FTPS now supported.
  • SSL email servers now supported for notifications.
  • SSH exec now supported (for the same commands available in the SSH shell).
  • Fix bug that allowed guest users access if guest is enabled on the server machine.
  • Fix bug limiting the number of email notifications.
  • Improve server memory management.
Version 4.0.3
(1 June 2010)
  • Security fix to disallow paths containing '...' and ':'. This prevents unauthorised directory listings and transfers from outside a user's home directory.
  • Fix so that Powershell scripts are piped directly into Powershell rather than via a temporary file.
  • Minor GUI fixes to process trigger setup. Also path filter was not being used in process trigger - now fixed.
Version 4.0.2
(30 April 2010)
  • Domain name filters added.
Version 4.0.0
(16 April 2010)
  • Extensive real-time charts for performance monitoring. (Professional Edition only).
  • Added Process Triggers - the ability to launch processes on the server when events such as uploading or downloading occur (Professional Edition only).
  • SSH terminal access added for Windows users (Professional Edition only). Includes ability to execute processes on the server.
  • Disk quotas introduced (Professional Edition only).
  • Bandwidth quotas introduced (Professional Edition only).
  • Can now create a new folder from within the add-user forms.
  • Fix bug where creating a directory failed in WinSCP (when using SCP only).
  • Bug fix where it was reported that there was an unhandled exception causing the service to terminate.
  • Fixed bug where changing directory using forward slashes permitted navigation out of user's directory.
  • Fixed problem with determining AD group membership.
  • By default a maximum of 10 anonymous connections are now permitted (prevents someone denying service by connecting as anonymous many times.
Version 3.3.0
(22 February 2010)
  • Add support for autobanning of IP addresses (configurable in Professional Edition). If a client IP has too many authentication failures, it is automatically banned for a period.
  • Add support for WinSCP with the SCP protocol (already works with WinSCP/SFTP).
  • Some minor SCP fixes.
  • Fix manager logging problem - now logs correctly to ApplicationData (for the user).
  • Fix manager problem where new filters could not be added for the administration server.
Version 3.2.2
(2 February 2010)
  • Fix bug in handling of invalid SSH_FXP_EXTENDED messages.
  • Add filtering for reducing the number of users returned from large active directory domains.
  • Can now install the manager only for remote administration from another machine (production install only).
  • Fixed upload bug in SCP resulting from an infrequent race condition.
  • Increased minimum SSH window size to 64K to fix problem uploading with cURL.
  • CompleteFTP manager now logs to the same directory as the server.
  • Fixed installer bug whereby it always asks if the existing configuration should be kept even when it doesn't exist.
Version 3.2.1
(18 December 2009)
  • Fix "User's home folder appears as root" bug which prevented users from logging in when this flag is set (SFTP only).
  • Code sign the installation executable.
Version 3.2.0
(8 December 2009)
  • By default permit all Windows users to logon without explicitly adding them to the user database (see Settings). This can be restricted to users in active directory and/or local groups
  • Add option for home directory to appear as root ("/").
  • Add new permissons to Pro version: list folder, delete, create folder permissions. Make Windows and non-Windows permissions distinct.
  • Added license import/export command-line tool.
  • Permit non-Windows users to change their passwords (disabled by default).
  • Fix to prevent error when Cyberduck uploads files.
  • Fixed key re-exchange bug when kex initiated by clients.
  • Fixed Blowfish bug in SFTP.
  • Can now optionally delete the configuration on reinstalling.
  • When making a license request, allow copy to clipboard for separate emailing.
  • Allow admin to highlight and kill multiple connections. Auto-refresh of connection view.
Version 3.1.2
(26 October 2009)
  • Added new folder-type called 'Network Folder', which supports UNC paths.
  • Fixed erroneous license warning from Manager when used remotely.
  • Fix idle timeout problem causing SFTP sessions to never time out if disconnected abruptly.
  • Fix 'All users (read)' folder permission in Standard edition.
  • Allow path to config.sdf to be specified on CompleteFTPConsole.exe command-line.
  • Better error-handling in Windows file-listings.
  • Fixed error in new-user form causing half-configured user to be added when the user-root directory does not exist.
  • Improved login error messages.
Version 3.1.1
(16 October 2009)
  • Fixed problem where not all active directory users were listed if greater than 1000 users.
  • Fixed problem where failed to login domain users with non-alphanumeric chars in username.
  • Fixed problem where failed to log in local Windows users that were also on a domain.
  • Fixed problem where certificate parsing failed if there was a comma or semicolon in the subject.
  • Fixed problem where multiple Windows users could not simultaneously share MyDocuments.
  • Stop CFTP Manager minimizing to tray.
  • Stop Windows users from accessing other home directories.
Version 3.1.0
(4 September 2009)
  • User-specific protocol settings.
  • Reduce memory usage during log file viewing.
  • Stop scp client from hanging if SCP is disabled in the server and a command is attempted.
  • Fixed error where target filename could not be specified in scp.
  • Improved passive mode port range handling.
  • Logging improvements.
  • Fixed bug preventing deletion of e-mail notifications.
  • A variety of minor GUI fixes.
Version 3.0.1
(7 August 2009)
  • Fix logging bug where can't change log level to Debug.
  • Fix notification bug where can't delete last notification.
  • Fix incorrect log file location (Program Files -> Program Data).
  • Fix SCP bug where copy failed if target was a filename.
  • Minor performance tuning changes.
Version 3.0.0
(30 July 2009)
  • Added support for SCP (Professional Edition).
  • Permission editing added (more sophisticated version in Professional Edition).
  • Email notification for a variety of events such as file upload, download, delete (Professional Edition).
  • Auditing (i.e. tracking all changes to files - Professional Edition).
  • FTPS client certificate verification (Professional Edition).
  • IP filtering added - accept/reject connections based on IP address (Professional Edition).
  • Can now specify the network interfaces to listen on.
  • No longer disconnects channel when client sends SSH_CHANNEL_EOF.
  • Added support for MODE S (which is the default).
  • Fix re file overwrite problem.
Version 2.2.1
(24 June 2009)
  • Now closes console gracefully.
  • Fixed bug whereby a disabled user could still log in via SFTP.
  • Fixed bug where newly generated SSL certificate failed to save to the config.
  • Fixed auto-add user checkbox in 'Add Windows user form'.
  • Fixed bug where when a new activation key is entered, it is saved but the manager appears to show that it has not.
  • Manager now uses compression to speed up log file transfers.
  • Manager connection editor now allows clearing of properties.
  • Added extra SFTP and FTPS properties to Manager connection settings.
  • Improved handling of socket accept errors.
Version 2.2.0
(2 June 2009)
  • Introduction of professional version supporting Windows domain users.
  • Now works on x64 machines.
  • MODE Z compression added for FTP and FTPS (also OPTS MODE Z).
  • Can now directly download log files to local disk.
  • Fixed SFTP authentication bug, where if the username was supplied in the incorrect case, public key authentication failed.
  • Users can no longer list /home, i.e. they can't see what the other user directories are.
  • Administrator can retrieve user list (Professional version only).
  • Manager now displays the version number.
  • Fixed FEAT bug (indenting too many spaces for each feature listed).
  • Fixed timeout that occurs in passive mode with large transfers if the passive timeout is set.
  • Fixed bug whereby SFTP admin could only log in once.
  • Manager now displays any critical server errors when connecting.
Version 2.1.2
(7 May 2009)
  • Can now call TYPE command in between PORT/PASV and RETR/STOR (which some clients do).
  • Administration functionality can now be performed via SFTP.
  • Invalid user names aren't immediately rejected, forcing hackers to try authenticating.
  • Fix for WinSCP problem with files very occasionally being truncated.
  • Provide alternative for obtaining machine id hash if email client is not installed (for product activation).
  • Fix problem with using a non-default home directory when creating a Windows user.
  • Fix resource cleanup bug when client abruptly disappears.
Version 2.1.1
(23 March 2009)
  • Added support for the XCRC FTP command to check file integrity.
  • Better feedback while installer is running.
  • Added diffie-hellman-group14-sha1 key exchange method.
  • Should now work on .NET 2.0 SP1 (previously required a minimum of 2.0 SP2).
  • Fix problem with generated FTPS certificate being initially invalid.
Version 2.0.0
(11 February 2009)
  • Now offers full support for SFTP (FTP over SSH). Support for password and publickey authentication, RSA and DSA keys etc.
  • Can now set logging level in the manager.
  • User's Guide expanded.
  • Generation of server certificate takes place on the server.
  • Numerous enhancements to the Manager.
Version 1.1.0
(12 November 2008)
  • Fixed license reading bug - sometimes the license was not read correctly, resulting in the server running in restricted mode.
  • Fixed user impersonation bug that meant special folders (e.g. My Documents) could not be navigated to.
  • Database and log files now stored in C:\ProgramData (or equiv) rather than in Program Files.
  • Default encoding is now UTF-8. Encoding can now be changed.
  • Added User's Guide.
  • Improved responsiveness of Windows folder browser.
  • Set default name of Windows virtual folder to name of actual folder.
  • Fixed FTPSEnabled property.
  • Added ability to add multiple windows users in one operation. Fixed NRE when NodeForm was cancelled.
  • More descriptive message when max number of connections exceeded.
  • Returns meaningful message when AUTH is used and FTPSEnabled is off.
  • Rearranged controls and changed text to make it clearer that the settings are the settings of the admin connection and not of the server itself..
Version 1.0.0
(10 October 2008)
  • First commercial version! After many months of further development and testing.
  • New manager, better FTPS support, remote administration, too many other new features to explain here.
Version 0.5.1
(5 December 2007)
  • Fix permitting LIST to accept '-' arguments.
  • Disable idle time forced logouts by default.
Version 0.5.0
(13 November 2007)
  • First release, supporting FTP and FTPS.