Configuring SSL/TLS security for the Web/REST Service

While SSL/TLS security configuration for the FTPS protocol is entirely self-contained, Syncplify.me Server!’s Web/REST service relies on Windows’ HTTP.SYS subsystem, which is the same subsystem IIS is based on, and therefore its security configuration has to be made at operating system level.

In order to ease the process we recommend Natarc’s IISCrypto, a free and powerful utility that helps achieving the task with just a few mouse clicks. Continue reading

What’s new in the upcoming Syncplify.me Server! v5

Syncplify.me Server! version: 5.0.0+

While the step from v3 to v4 was somewhat “epic” (as 80%+ of the code was rewritten from scratch) the upcoming Syncplify.me Server! v5 will, instead, build upon the rock-solid foundation of v4 and expand and improve its features significantly. Version 5 will also be our most cloud-enabled version to date.

Here’s a list of some of the most important upcoming new features our users will find in Syncplify.me Server! v5: Continue reading

Syncplify.me Server! now available on AWS Marketplace

Syncplify.me Server! version 4.0 is now available on AWS Marketplace offering top security with hassle-free deployment, a 15-day free trial, and no up-front license fees.

WILMINGTON, DE – Syncplify, Inc., a young and dynamic US-based software development company, has released Syncplify.me Server!, a highly secure SFTP server available on Amazon Web Services Marketplace (AWS Marketplace). The new service is marketed under the name SFTP.cloud.

Syncplify.me Server! on AWS delivers the same level of security as its on-premises brother product, but without the need to go through a complex, lengthy installation procedure, and with no up-front traditional licensing fees. In fact, after the 15-day trial period, Syncplify.me Server! on AWS is charged on an hourly basis only for the actual usage.

“From a technical standpoint, making our software available on AWS Marketplace was a great choice to deploy a very secure file transfer server onto a highly reliable, globally available infrastructure,” said Fjodr Soyevskji, Chief Technology Officer at Syncplify, Inc.

“We believe that this relationship with AWS will greatly benefit our customers, especially those who need to deploy highly dynamic, secure, file transfer infrastructures that change frequently over time,” said Helga Kessler, Chief Operation Officer.

Customers can deploy the Syncplify.me Server! edition they need (Basic, Professional or Ultimate) on AWS, and they can choose between Windows Server 2008 R2 and Windows Server 2012 R2 EC2 instances.

 

Syncplify.me Server! v4.0.18 released

We have just released version 4.0.18 of our Syncplify.me Server! software. This version features the following improvements:

  • Added: scripting functions FileMove, StrSHA256, StrSHA512
  • Fixed: quota enforcement is now triggered correctly
  • Fixed: deployment of High-Availability (HA) virtual servers in Microsoft Azure now works as expected

As usual you can download this new release from our website.

Syncplify.me Server! v4.0.17 released

We have just released version 4.0.17 of our Syncplify.me Server! software. This version features the following improvements:

  • Added: new bearer-token authorization mode for the REST API (and updated the help/documentation accordingly)
  • Added: [%USER_DESC%], [%TODAY%] and [%SESS_CUSTDATA%] in VFS base path definition
  • Fixed: bug that prevented JSCH-based clients from downloading files correctly

As usual you can download this new release from our website.

The new “compound increment percentage”

Syncplify.me Server! version: 4.0.16+

Syncplify.me Server! v4.0.16 introduced a new (yet very important) improvement to the Protector™ technology: the compound increment percentage.

Before this update, the Protector™ would put an attacker’s IP address in the blacklist for a predetermined amount of time, and remove it from the blacklist once said time had past. But attackers often try to connect to the server to attempt further attacks even when they are already blacklisted.

The updated Protector™, instead, features a significant difference: if an attacker tries to connect to the server while already blacklisted, the attacker’s IP address blacklist expiration will be prolonged by an amount of time that is calculated using the above “increment percentage” compound to the “number of identified attack attempts” while such IP was already blacklisted. Logn story short: if an attacker keeps attacking, its IP address may very well never get out of the blacklist even when the blacklist is set to ban attackers IPs only temporarily. Continue reading

Authenticating users against your own DataBase

Syncplify.me Server! version: 4.0.16+

Note: in order to use the code posted in this article you need to be running at least version 4.0.16 or greater of Syncplify.me Server!

As you all know, Syncplify.me Server! already supports its own internal users, as well as Windows and Active Directory users (and groups, depending on the license type). Yet, some of our customers need to implement totally custom authentication methods, often based on their own user databases.

In this article we will show one way to do so. This is clearly just meant to serve as an example, and real-life scenarios require some further customization to the DB and the script posted here. But it’s a fairly decent starting point.

So, the background scenario for this example is:

  • our users’ authentication data are stored in a Microsoft(R) Access database
  • in our DB, each user is associated to a “category” (in this case his/her department: sales, marketing, …)
  • for the sake of this example, all users’ passwords are set to “password” (without quotes)
  • the script is pretty sophisticated, because besides authenticating the user, it will load a user profile that belongs to the “category” of the user from the main Syncplify.me Server! user-base

So let’s start taking a look at our user database: Continue reading

A great SFTP client for Mac? Here it is!

Quite often our Syncplify.me Server! customers and users contact us asking for recommendations regarding the choice of an SFTP client for MacOSX.

Of course there are several options out there. And then there’s Commander One by Eltima Software, the two-pane file manager for MacOSX that will make you forget anything else you’ve tried before on the Apple platform.

Not only it supports FTP, FTPS and SFTP, but also provides some highly desirable features like dual-pane tabbed browsing, support for compressed archives, regular-expression file searches, and even server-to-server file copies.

Our developers here at Syncplify have downloaded it and tested it thoroughly, and Commander One turned out to be an excellent software product, well designed, feature rich, and easy to use. For such reasons we feel comfortable recommending it to our users and customers as a great Mac client to connect to our Syncplify.me Server!