Occasionally our customers ask if it’s possible to implement some form of one-time password (OTP) authentication for their SFTP users. Considering the complexity of the SSH authentication scheme, such task is definitely not trivial. To ease the process, Syncplify.me Server! V5 adds two new event-handlers and several functions to the scripting framework. This article explains how to use them to accomplish OTP authentication over SFTP. Continue reading
Occasionally users report that their white-list or safe-list in the web management interface suddenly shows up as “empty” and they cannot add any more IP addresses or networks to it. That bug was already previously documented in our knowledge base, and has been resolved/fixed as of version 4.1.5.
The misbehavior is caused by the fact that an Admin has added the same IP or network twice to the list(s).
Upgrading to the latest version will prevent Admins from adding any more duplicates… but it does not sanitize the existing lists, so you will still have to “clean” your lists manually before you can see them again. Continue reading
As of version 4.1.6, Syncplify.me Server! added 2 new functions to the VFS object for you to use inside your event-handling scripts (requires the Ultimate edition of the software).
Say, for example, that you have an encrypted VFS, like a VFS of type DiskAES256 as shown in the picture here below: Continue reading
We have just uploaded a new video to our YouTube channel: this new video shows how to automate the unattended execution of your Syncplify.me FTP Script! scripts using the Windows Scheduler:
While SSL/TLS security configuration for the FTPS protocol is entirely self-contained, Syncplify.me Server!’s Web/REST service relies on Windows’ HTTP.SYS subsystem, which is the same subsystem IIS is based on, and therefore its security configuration has to be made at operating system level.
The most significant improvement introduced by Syncplify.me Server! v4.1 is the ability to use MongoDB’s authentication. As explained in a previous KB article, our deployment of MongoDB was secure even without authentication, but keeping in mind all possible scenarios our development team has worked hard to add direct support to MongoDB’s native authentication into our software. This article explains how to use the new MongoDB Authentication Utility (installed along with Syncplify.me Server! v4.1+) to enable/disable this feature as needed.
The procedures outlined in this article are suitable for all single-node Syncplify.me Server! deployments. High-Availability (HA) deployments will require a little more work. Continue reading
If you already own an X.509 (SSL/TLS) digital certificate in PFX format, you know how simple it is to import it into your Syncplify.me Server! and use it.
But many of our customers asked for a tutorial on the longer procedure of requesting a digital certificate to a certification authority (CA) via a certificate signing request (CSR). So here’s the fully documented procedure for you.
First of all you have to generate the CSR, and to do that you will simply go to the Security->FTP(E/S) menu and select the option in the picture below from the certificate drop-down menu: Continue reading
While the step from v3 to v4 was somewhat “epic” (as 80%+ of the code was rewritten from scratch) the upcoming Syncplify.me Server! v5 will build upon the rock-solid foundation of v4 and expand and improve its features significantly. Version 5 will also be our most cloud-enabled version to date.
Here’s a list of some of the most important upcoming new features our users will find in Syncplify.me Server! v5: Continue reading
This totally free White Paper discusses the needs of healthcare providers and institutions, debunks some myths, and explains how to achieve the required levels of security and compliance.
Feel free to download it and use it under the CC BY-NC-ND 4.0 license.
In light of the recent news regarding ransomware targeting MongoDB, we would like to inform all of our users and customers that we are actively working to add support for MongoDB’s authentication directly inside our software.
In the meantime, though, it is very important to understand that:
- set aside the hype, a good network security model already addresses 99% of all the issues of this type (DB-connectivity related)
- Syncplify’s specific MongoDB instance uses port 28038 (instead of the standard 27017) and is therefore not targeted by the above mentioned ransomware
- Syncplify’s specific MondoDB instance only accepts requests from localhost (127.0.0.1) unless you have explicitly created a Windows Firewall rule
Because of the above reasons we believe that all Syncplify.me Server! instances deployed in non-HA mode are safe unless the network and Windows Firewall configuration has been altered by the users/customers themselves.
For HA (high-availability) instances, we do strongly recommend our users/customers to make sure their network firewall and Windows Firewall rules only allow connections to the DB server(s) from the machines running the SFTP front-end nodes. No other machine should be allowed to connect to your DB server(s).
This said, we want to reassure everyone – once again – that we are also actively working (with high priority) to add MongoDB authentication directly into our software.