Syncplify.me FTP! v1.0.12.32 has been released. This new version features the following improvements:
Please download the latest version here.
Version 4.x of Syncplify.me Server! introduced a remarkable amount of new features, and improved some of the existing ones greatly. The latter is the case of high availability deployments, which have been rendered much easier and a lot more powerful.
This article explains one way (not the only possible one) to install and deploy a highly available multi-node Syncplify.me Server! in your network.
First of all, let’s prepare 3 virtual machines:
All 3 of these machines will need to have private IP addresses (LAN) and no public IP address. Keep in mind, the only public IP address is the one you will configure later on your Load Balancer.
The first step is the installation of the DB and HTTP/REST server. This one is pretty standard: just download the installer from our website and run it. After the installation of the pre-requisites and the software itself, the HTTP/REST Configuration Wizard will automatically be executed.
Make sure you choose the Advanced Setup configuration option.
The only non-obvious step is the configuration of the HTTP/REST Server Bindings. In fact the Wizard will try to identify your public IP address (if you have one) but you will need to manually change it and make sure to configure it to your VM’s LAN IP address.
For example, if your VM’s LAN IP address is 10.0.0.23, then the configuration will be as shown in the following picture:
After this, simply follow the rest of the Wizard as you would normally do in any typical installation.
The installation of each SFTP server node, instead, requires one extra step versus the DB/REST server VM here above.
On both VMs, please, make sure you choose the Advanced Setup configuration option, and on both of them make sure to specify the LAN IP address of the DB/REST server you have previously installed, when requested to do so, just like in the picture here below:
Now you can proceed, and when you get to the HTTP/REST Server Bindings, the Wizard will try to identify your public IP address (if you have one). On both nodes you will need to manually change it and make sure to configure it to each VM’s LAN IP address.
For the sake on this example, this could be your first SFTP node:
And this could be your second node:
Obviously all LAN IP addresses in this article are totally made up, and you will have to use/specify the ones that are configured on each one of your three VMs.
Once all of the above is done, you can log into any of the three nodes’ HTTPS Web Management Interface (ex: https://127.0.0.1:4443/go/) and start creating your multi-node Virtual Server. During the creation phase you will see all 3 nodes, but you will have to use only the 2 nodes that are meant to be SFTP servers and leave the DB server alone.
The last step is configuring your Load Balancer’s VIP (Virtual IP) public address and set it to balance the traffic between the 2 LAN IP addresses assigned to the 2 SFTP nodes. Once again, please, make sure there is no route/NAT that would make the DB server reachable from the Internet, only the 2 SFTP nodes must be reachable from the Internet.
Thank you!
We have just released version 4.0.30 of our Syncplify.me Server! software. This version features the following improvements:
Note: if after the update you notice any unexpected behavior in the web interface, just hit Ctrl-F5 in your browser; that will force the browser to reload the page as well as all back-end scripts and update the ones that may have been cached from previous versions of the software.
As usual you can download this new release from our website.
We have just released version 4.0.31 of our Syncplify.me Server! software. This version features the following improvements:
Note: if after the update you notice any unexpected behavior in the web interface, just hit Ctrl-F5 in your browser; that will force the browser to reload the page as well as all back-end scripts and update the ones that may have been cached from previous versions of the software.
As usual you can download this new release from our website.
We have just released version 4.0.32 of our Syncplify.me Server! software. This version features the following improvements:
Note: if after the update you notice any unexpected behavior in the web interface, just hit Ctrl-F5 in your browser; that will force the browser to reload the page as well as all back-end scripts and update the ones that may have been cached from previous versions of the software.
As usual you can download this new release from our website.
We have just released version 4.0.33 of our Syncplify.me Server! software. This version features the following improvements:
Note: if after the update you notice any unexpected behavior in the web interface, just hit Ctrl-F5 in your browser; that will force the browser to reload the page as well as all back-end scripts and update the ones that may have been cached from previous versions of the software.
As usual you can download this new release from our website.
We have just released version 3.1.6.56 of our Syncplify.me FTP Script!
This version delivers a hot-fix for the bug found in the Download function that affects only downloads to UNC destinations. If you are using scripts that download files to UNC paths, you are encouraged to download and install this update.
As usual you can download the latest version from our web site. Thank you!
Many of our users are asking how to add multiple user accounts to Syncplify.me Server! at once. Most of them already have a CSV (comma-separated value) text file with username and passwords of the user profiles to be added, so it would make a lot of sense for them to have a simple procedure to import such users from the existing CVS file. You can actually do that very easily by writing a tiny PowerShell script that internally calls our SMSCLI (Syncplify.me Server! Command-Line Interface), and this article shows one way to do so.
The first step is to make sure that we know what VFS these imported users will be using as their “home directory”. For the sake of this example (and to keep it as easy as possible) we will use a parametric VFS like the one shown in the image here below:
Make sure you copy the VFS ID and paste it into the CSV file as shown here below:
Now that the CSV file contains all the necessary (minimal) data, let’s write a PowerShell script to import it:
$csv = Import-Csv -Path C:\Temp\userstoimport.csv
foreach ($line in $csv) {
& 'C:\Projects\Syncplify.me Server!\_bin\Win64\SMSCLI.exe' -a admin -p someadminpassword -c adduser -username $line.username -userpwd $line.password -allowsftp true -homevfs $line.homevfs
} And then simply run the script inside the PowerShell host:
After the script is run, you will see the imported user profiles in your Syncplify.me Server! Web Configuration Manager:
That’s it. Plain and easy.
In light of the recent news regarding ransomware targeting MongoDB, we would like to inform all of our users and customers that we are actively working to add support for MongoDB’s authentication directly inside our software.
In the meantime, though, it is very important to understand that:
Because of the above reasons we believe that all Syncplify.me Server! instances deployed in non-HA mode are safe unless the network and Windows Firewall configuration has been altered by the users/customers themselves.
For HA (high-availability) instances, we do strongly recommend our users/customers to make sure their network firewall and Windows Firewall rules only allow connections to the DB server(s) from the machines running the SFTP front-end nodes. No other machine should be allowed to connect to your DB server(s).
This said, we want to reassure everyone – once again – that we are also actively working (with high priority) to add MongoDB authentication directly into our software.
This totally free White Paper discusses the needs of healthcare providers and institutions, debunks some myths, and explains how to achieve the required levels of security and compliance.
Feel free to download it and use it under the CC BY-NC-ND 4.0 license.
We have just released version 4.0.34 of our Syncplify.me Server! software. This version features the following improvements:
Note: if after the update you notice any unexpected behavior in the web interface, just hit Ctrl-F5 in your browser; that will force the browser to reload the page as well as all back-end scripts and update the ones that may have been cached from previous versions of the software.
As usual you can download this new release from our website.
While the step from v3 to v4 was somewhat “epic” (as 80%+ of the code was rewritten from scratch) the upcoming Syncplify.me Server! v5 will build upon the rock-solid foundation of v4 and expand and improve its features significantly. Version 5 will also be our most cloud-enabled version to date.
Here’s a list of some of the most important upcoming new features our users will find in Syncplify.me Server! v5:
The list here above is not comprehensive, in fact v5 will come with the above new features and more. And, as usual, all customers with an active subscription will receive the upgrade to v5 for free as soon as it’s released.
There is no set release date yet for v5, but we will be going BETA soon. Stay tuned!
If you already own an X.509 (SSL/TLS) digital certificate in PFX format, you know how simple it is to import it into your Syncplify.me Server! and use it.
But many of our customers asked for a tutorial on the longer procedure of requesting a digital certificate to a certification authority (CA) via a certificate signing request (CSR). So here’s the fully documented procedure for you.
First of all you have to generate the CSR, and to do that you will simply go to the Security->FTP(E/S) menu and select the option in the picture below from the certificate drop-down menu:
That will bring up the CSR creation page (the one in the screenshot here below) in which you will fill in all the fields with your host and corporate information:
Once you’ve filled in the above form, you will need to hit the Generate CSR button. This will actually also generate your private key. Make sure you save the private key as shown in the picture below, because if you don’t you will not be able to install your certificate later.
Once the private key is saved, the web interface will show you the actual CSR. Make sure you select it all and copy (Ctrl-C) it to clipboard.
Now you need to go to the certification authority’s web site and paste the CSR into their certificate request form.
After a while they will provide you with a digital certificate in CER format.
Once you receive the digital certificate, you will need to go back to Syncplify.me Server!’s web configuration interface, and go – once again – to the Security->FTP(E/S) section, and from there you will need to select the Import Certificate option from the certificate drop-down menu.
That will bring you to the page where you can import digital certificates. In such page you will need to paste the private key in the text box on the left and the certificate you received from the certification authority in the text box on the right, as shown in the picture here below:
If you did everything correctly, you will see an alert that informs you the operation was successful.
Once you have successfully imported your new certificate, please don’t forget to save the configuration in order for the change to take effect.
And one last remark: the procedure described in this article only affects the X.509 SSL/TLS certificate used for the FTPS and FTPES protocols. If you want to change the X.509 certificate used for the HTTPS protocol and the REST API, you will need to use the HTTP/REST Configuration Wizard (run it from the Windows Start menu) in order to do so.
The most significant improvement introduced by Syncplify.me Server! v4.1 is the ability to use MongoDB’s authentication. As explained in a previous KB article, our deployment of MongoDB was secure even without authentication, but keeping in mind all possible scenarios our development team has worked hard to add direct support to MongoDB’s native authentication into our software. This article explains how to use the new MongoDB Authentication Utility (installed along with Syncplify.me Server! v4.1+) to enable/disable this feature as needed.
The procedures outlined in this article are suitable for all single-node Syncplify.me Server! deployments. High-Availability (HA) deployments will require a little more work.
To enable MongoDB authentication for Syncplify.me Server!, the first step is to run the MongoDB Authentication Utility. You can find it in the Syncplify.me Server! v4 group inside the Windows Start menu:
Once the MongoDB Authentication Utility is run, it will show the current status of your system services and DB authentication. If MongoDB authentication is not enabled you will see something like this:
To enable MongoDB authentication, please, tick the “MongoDB Security” check-box, type in a strong password of your choice, and push the “Apply Changes” button. Please, be aware that this will restart all your Syncplify-related system services, and your SFTP/FTP(S) server will be down for a few seconds.
Once you push the “Apply Changes” button, you can observe the MongoDB Authentication Utility at work, stopping and restarting your system services…
Once MongoDB authentication has been enabled, the Utility will show you something like this:
You’re all set. Your MongoDB is not protected by its own authentication scheme, and all Syncplify-related system services are already using it with the new security features.
Once enabled, you may want to disable MongoDB authentication for Syncplify.me Server!… If you wish to do so, you may use the same MongoDB Authentication Utility you originally used to enable it. Simply remove the check-mark from the “MongoDB Security” check-box and push the “Apply Changes” button as shown in the picture here below:
As we’ve already seen when we previously enabled MongoDB’s authentication, your system services will also be stopped and restarted while disabling MongoDB’s authentication:
Once everything is done, and all services are restarted, you will see that MongoDB’s authentication has been turned off, and all Syncplify-related system services are now using MongoDB directly without authentication:
And that’s really it. All it takes to enable/disable MongoDB’s authentication for Syncplify.me Server! is explained in this article. Please be aware that in case you’re using a more complex deployment (like an HA deployment) you will need to run the MongoDB Authentication Utility on all SFTP and all DB nodes, and choose the exact same password on all of them.
We have just released version 4.1.0 of our Syncplify.me Server! software. This version features the following improvements:
Warning: upgrading to 4.1.0 from any version prior to 4.0.34 will invalidate your license, so please if you are a customer – before you upgrade – contact us to request a license reset.
Note: if after the update you notice any unexpected behavior in the web interface, just hit Ctrl-F5 in your browser; that will force the browser to reload the page as well as all back-end scripts and update the ones that may have been cached from previous versions of the software.
As usual you can download this new release from our website.
We have just released version 4.1.1 of our Syncplify.me Server! software. This version features the following improvements:
Warning: upgrading to 4.1.0 from any version prior to 4.0.34 will invalidate your license, so please if you are a customer – before you upgrade – contact us to request a license reset.
Note: if after the update you notice any unexpected behavior in the web interface, just hit Ctrl-F5 in your browser; that will force the browser to reload the page as well as all back-end scripts and update the ones that may have been cached from previous versions of the software.
As usual you can download this new release from our website.
Occasionally we receive reports from users who have forgotten their SuperAdmin password, asking how to reset it. This can be done by utilizing the “Forgot Password” button in the HTTP/REST Configuration Wizard. At times, though, users get back to us saying that there’s no such button.
Normally when you don’t see the “Forgot Password” button it’s because the “Syncplify.me Web/REST Service” wasn’t started.
Please start the “Syncplify.me Web/REST Service” and then re-run the REST Configuration Wizard, at that point you should see the button.
This totally free White Paper discusses secure file transfer regulatory compliance issues for banks and financial institutions, debunks some myths, and explains how to achieve the required levels of security and conformity.
Feel free to download it and use it under the CC BY-NC-ND 4.0 license.
We have just released version 4.1.2 of our Syncplify.me Server! software. This version features the following improvements:
Warning: upgrading to this version from any version prior to 4.0.34 will invalidate your license, so please if you are a customer – before you upgrade – contact us to request a license reset.
Note: if after the update you notice any unexpected behavior in the web interface, just hit Ctrl-F5 in your browser; that will force the browser to reload the page as well as all back-end scripts and update the ones that may have been cached from previous versions of the software.
As usual you can download this new release from our website.
While SSL/TLS security configuration for the FTPS protocol is entirely self-contained, Syncplify.me Server!’s Web/REST service relies on Windows’ HTTP.SYS subsystem, which is the same subsystem IIS is based on, and therefore its security configuration has to be made at operating system level.
In order to ease the process we recommend Natarc’s IISCrypto, a free and powerful utility that helps achieving the task with just a few mouse clicks.
Choose among several ready-made templates (which include Best Practices, PCI, and even PCI 3.1) and apply the changes. Once your system has been reconfigured, it’s likely you will have to reboot in order for such changes to take effect.
These configurations are system-wide, therefore – after rebooting – all HTTP.SYS based services will be stronger and more secure, including Syncplify.me Server!’s Web/REST Service and even Microsoft IIS.