Titan FTP Server Changelog

What's new in Titan FTP Server 19.00 Build 3660

Jul 11, 2021

Updated: Changed the default Passive Mode FTP Port Range to 28,000-30,000 to limit the number of open ports.
Fixed: 'Secure' attribute missing from ASP.NET Session Id. [SVR-I435]
Fixed: Open redirect vulnerability issue in the WebUI. [SVR-I432]
Fixed: Block Anti-Timeout scheme was not working when NOOP was issued. [SVR-I437]
Fixed: WebUI Security vulnerability with rename files. [SVR-I433], [SVR-I434]

New in Titan FTP Server 19.00 Build 3650 (Mar 6, 2021)

New in Titan FTP Server 19.00 Build 3595 (Jul 3, 2020)

New in Titan FTP Server 19.00 Build 3555 (Feb 10, 2020)

New in Titan FTP Server 18.00 Build 3272 (Mar 5, 2018)

New in Titan FTP Server 17.00 Build 3131 (Nov 16, 2017)

New in Titan FTP Server 17.00.3067 (Mar 22, 2017)

New in Titan FTP Server 2016 Build 2672 (Apr 1, 2016)

New in Titan FTP Server 11.15 Build 2195 (Mar 24, 2015)

New in Titan FTP Server 11.00 Build 2154 (Jan 16, 2015)

New in Titan FTP Server 10.47 Build 1892 (Oct 21, 2014)

Fixed: Issue which could cause the modification date of a folder to become invalid if something was added/deleted under that folder and the Titan/Cornerstone service was not running under full rights to touch the file system modification dates for folders.
Fixed: Users can now Download-as-Zip Virtual Folders when using the WebUI.
Fixed: Bug in the IPAccess List feature in the Admin Application which could fail to add an IP address to the Permit/Deny list if there was already an IP Address which was similar. Meaning that if 173.1.2.3 was already in the list, 73.1.2.3 would not be added properly. This gave the false impression that the IP Access List would ‘max-out’ at a certain number of entries.
Fixed: But in the Events Manager which would cause double-free of memory and could cause the service to crash under certain situations.
Fixed: SFTP issue which could cause a memory leak if the client application timed-out or canceled an upload mid-stream.
Fixed: srxCFG issue which failed to add a user to the proper groups when the user was initially created. This problem also occurred with users not being added to a group when the group was created.
Fixed: srxCFG issue which failed to return the DirAccess and VirtFolders information on a GET*ATTR call.
Fixed: SFTP Issue which could cause the client to fail to recognize a virtual folder if it was in the user’s home directory and referenced a UNC.
Fixed: During SFTP Public Key Authentication, the logfile now records the MD5 fingerprint of the raw/unencoded public key instead of the encoded public key. This helps to cross check the MD5 hash with other programs.
Fixed: The SFTP engine now supports stronger PCI compliant ciphers and macs including hmac-sha2-224, hmac-sha2-384, hmac-sha2-256, and hmac-sha2-512.
Fixed: The Certificate Manager and Host Key manager would allow a user to accidentally enter a blank space in the password. Spaces are not permitted in passwords when creating or exporting certificates and host keys.

New in Titan FTP Server 10.46 Build 1872 (Oct 7, 2014)

New in Titan FTP Server 10.42 Build 1840 (Mar 18, 2014)

New in Titan FTP Server 10.40 Build 1829 (Mar 18, 2014)

Added: Titan’s SFTP engine now supports the “vendor-id” extension for SFTP version 6.
Added: The Web Interface Rebranding dialog now has an option to customize the name of the server presented to the user in the browser.
Added: Enhanced support for certificate based authentication over secure WebDAV and FTP/S when using SafeNet eTokens.
Fixed: Security vulnerabilities in the Web Interface which could potentially allow a user to access information from another folder through an HTTP proxy injection. ,CVE-2014-1841, CVE-2014-1842, and CVE-2014-1843.
Fixed: Updated the Java Uploader used in the WebUI to include required security attributes to eliminate warnings on some browsers.
Fixed: SFTP issue which returned invalid INIT response when using SFTP v6.
Fixed: SFTP issue which failed to return the proper response to WS_FTP for a special extended query command.
Fixed: WebUI Problem which caused multiple event actions to be fired during a large upload.
Fixed: Logfiles were being written in Unicode format even when the Unicode option was not selected. This was true in both the main Log File Manager and also in the Events Manager action for Log To File.
Fixed: Removed invalid/weak SFTP ciphers from the Server Params configuration left over from older installations. These are not supported by the SFTP engine and were resulting in clients being refused access to the server.
Fixed: Problem with WebUI which failed to generate a directory listing which was introduced in v10.30 as a result of the bug fix for the MLST command.
Fixed: During FTP/S connections, the MLST command was not returning any information.
Fixed: The MLST command was returning a full directory listing if the supplied folder name had a trailing slash, such as MLST myDocuments/ or MLST /
Fixed: Internal path processing error which could cause an invalid Access Denied error message if the input path data contained one or more ‘..’ folders and was suffixed with a ‘.’ folder, such as MLST /folder1/../.
Fixed: The MLST command will now properly return the same path/file information specified by the client as the path/file specification in the first 250-path_file response line.
Fixed: Updated the Client Upload utility for the WebUI to prevent Java security warning.

New in Titan FTP Server 10.30 Build 1805 (Jan 9, 2014)

New in Titan FTP Server 10.10 Build 1780 (Sep 28, 2013)

New in Titan FTP Server 10.01 Build 1740 (Jun 12, 2013)

New in Titan FTP Server 10.00 Build 1732 (May 30, 2013)

Added: Updated FIPS compatible encryption engine which includes faster AES and SHA-256 algorithms.
Added: Added support for more secure hashing algorithms including HMAC-SHA256, HMAC-SHA384 and HMAC-SHA512.
Added: When using non-native User Authentication, there is now a Flush Cache button in the Administration utility to clear the contents of the server cache.
Fixed: Optimized the encryption subsystems to be directly incorporated into each SRT product instead of sharing a common runtime engine.
Fixed: Potential issue with the IP-Access feature in the Administration utility which could cause some IP Addresses to be ignored if the list became large. [YCZ-549-89134] and [GCG-484-77814]
Fixed: When using Inheritance in the Administration utility, if you were to inherit a numeric setting from the Server level to the Group level, the Group level did not accurately show the numeric value of the inherited Server value. [MEL-444-52257] and [JWC-161-80173]
Fixed: If, when running the Administration utility, a change was made to a setting and then the utility was closed, the administrator will now be prompted to "Save Changes" before the application closes.
Fixed: When uploading a file through the WebUI, the filename was not being logged properly in the logfile if the user was uploading multiple files at the same time [BZB-589-89608]
Fixed: In the Administration utility, it was possible to have an event duplicate itself if the admin created an event and then went back and modified the event without first closing down, and relaunching, the Administration utility. [XDZ-829-86951].
Fixed: When uploading multiple files in the WebUI, and an event was defined to fire after a File Upload Success, the event was only firing after the last file uploaded, not on each file. [QRL-620-53566]
Fixed: Some of the text elements in the WebUI were not translated properly into other languages. [QUN-360243]
Fixed: Problem in the WebUI which failed to display the proper progress information during an upload.
Fixed: Problem which failed to properly check user SSL certificates for FTP/S if the 'Require User Certificates' feature was enabled.
Dropped: Insecure hashing algorithms HMAC-MD5-96, HMAC-SHA1-96 are no longer supported.

New in Titan FTP Server 9.25.1643 (Apr 17, 2013)

New in Titan FTP Server 9.21.1632 (Feb 2, 2013)

New in Titan FTP Server 9.20.1630 (Jan 3, 2013)

New in Titan FTP Server 9.13.1625 (Jan 3, 2013)

New in Titan FTP Server 9.13.1624 (Dec 4, 2012)

New in Titan FTP Server 9.12.1615 (Oct 16, 2012)

New in Titan FTP Server 9.11.1605 (Oct 16, 2012)

New in Titan FTP Server 9.01.1583 (Aug 1, 2012)

New in Titan FTP Server 9.00.1562 (Apr 13, 2012)

New in Titan FTP Server 9.00.1560 (Apr 9, 2012)

New in Titan FTP Server 9.00.1558 (Apr 9, 2012)

New in Titan FTP Server 9.00.1555 (Feb 29, 2012)

New in Titan FTP Server 9.00.1550 (Feb 16, 2012)

New in Titan FTP Server 9.00.1529 (Jan 21, 2012)

Added: Internationalization Support. Titan FTP Server v9 is completely UNICODE based which will allow the server to access, store, and manage an unlimited number of files in an unlimited number of languages/character sets at the same time.
Added: Ability to ban files that do not have an extension. For Example: "*."
Added: The SMTP Email Tab now supports the ability to add a special custom port instead of the default SMTP Port.
Added: Ability to use secure SMTP Email over SSL/TLS.
Added: Ability to handle chained CA certificates, specifically when Entrust hands down a certificate signed by an intermediate CA.
Added: Ability to assign a Primary Group to a user. In previous versions of Titan FTP Server, users were able to inherit some of their configuration values from a group which they were a member of. However, since there was no way to pick the group from which the user would inherit their settings, it was not consistent which settings the user would inherit. In Titan FTP Server v9 and later, each user will be assigned to at most 1 Primary Group. This Primary Group information will be used to determine where a user will inherit their setting from if inheritance is being used at the user level.
Added: Support for multiple host-keys for a given user. Users can now have one or more host-keys assigned to their user account. If the client presents any of the host-keys, they are authenticated.
Changed: In previous versions of Titan FTP Server, an Everyone group would be created even when the server was configured for non-native authentication. In Titan FTP Server v9 and later, the Everyone group will not be created on new servers unless native authentication is being used.
Changed: Implemented MS recommended workaround for ASP issue described in Microsoft KB-911272 which could cause ASP to unload while the WebUI was executing.
Changed: In the New Server Wizard, Anonymous FTP is now disabled when non-native authentication is being used.
Changed/Fixed: Issue in the Directory Access permissions which would prevent a subdirectory from having no access if the parent had full access. Titan FTP Server now accepts the concept of a null-ace, meaning that the Titan Admin can create a Directory Access rule that has no permissions. This rule will keep someone from accessing a directory even if the parent directory has been configured for Full Access with the 'Apply To Subdirectories' option enabled.
Fixed: Various memory management issues which could cause the Web Interface front end to go offline after a period of time because ASP.NET became unavailable. The ASP.NET issues would also manifest themselves by slowly accumulating system memory until the Titan FTP Server service would stop functioning.
Fixed: Various Admin issues dealing with the failure to properly enumerate groups and users when using non-native user authentication.
Fixed: Various issues in the Virtual Folder subsystems which could prevent new Virtual Folders from being added through the Virtual Folder Wizard and/or deleted or accessed.
Fixed: Various memory related issues which would slowly accumulate system memory if the Titan Tray or Admin applications were left running for an extended period of time.
Fixed: Various .NET and Web Interface related issues which would cause PCI scan warnings.
Fixed: Various issues in the srxCFG utility and srxCOM engine which prevented access and modification of various attributes.
Fixed: Various issues relating to the Flood Protection/DoS settings not being honored when configured to ban someone for a short period of time.
Fixed: Issue in the SFTP engine which could cause the Idle Connection Manager to close a connection as soon as it was established and before the user logged in.

New in Titan FTP Server 8.40.1351 (Dec 16, 2011)

New in Titan FTP Server 8.40.1349 (Nov 21, 2011)

New in Titan FTP Server 8.40.1346 (Nov 21, 2011)

New in Titan FTP Server 8.40.1345 (Oct 28, 2011)

New in Titan FTP Server 8.40.1344 (Oct 28, 2011)

New in Titan FTP Server 8.40.1343 (Oct 28, 2011)

New in Titan FTP Server 8.40.1342 (Oct 3, 2011)

New in Titan FTP Server 8.40.1338 (Sep 10, 2011)

New in Titan FTP Server 8.40.1336 (Sep 10, 2011)

New in Titan FTP Server 8.40.1335 (Sep 10, 2011)

New in Titan FTP Server 8.40.1334 (Sep 10, 2011)

New in Titan FTP Server 8.40.1333 (Aug 30, 2011)

New in Titan FTP Server 8.40.1332 (Aug 30, 2011)

New in Titan FTP Server 8.40.1328 (Aug 12, 2011)

New in Titan FTP Server 8.40.1327 (Aug 12, 2011)

New in Titan FTP Server 8.40.1326 (Jul 29, 2011)

New in Titan FTP Server 8.40.1325 (Jul 26, 2011)

New in Titan FTP Server 8.40.1317 (Jul 7, 2011)

New in Titan FTP Server 8.40.1316 (Jul 7, 2011)

New in Titan FTP Server 8.40.1314 (Jul 7, 2011)

New in Titan FTP Server 8.40.1311 (Jul 7, 2011)

New in Titan FTP Server 8.40.1310 (Jun 22, 2011)

New in Titan FTP Server 8.40.1309 (Jun 22, 2011)

New in Titan FTP Server 8.40.1308 (Jun 22, 2011)

New in Titan FTP Server 8.40.1307 (Jun 22, 2011)

New in Titan FTP Server 8.40.1306 (Jun 22, 2011)

New in Titan FTP Server 8.40.1305 (Jun 22, 2011)

New in Titan FTP Server 8.40.1304 (Jun 22, 2011)

New in Titan FTP Server 8.40.1292 (May 20, 2011)

New in Titan FTP Server 8.32.1242 (Mar 9, 2011)

New in Titan FTP Server 8.31.1236 (Mar 9, 2011)

New in Titan FTP Server 8.30.1231 (Dec 21, 2010)

Added: A "Kick User On Bad Hostkey" flag is now available in SFTP. If this flag is enabled, the default, any FTP client that presents an invalid SFTP key will be disconnected as if they supplied an invalid password. Turn this setting off to allow SFTP clients the ability to connect and sequentially issue multiple SSH host keys until a valid key is found.
Fixed: Internal memory issue which could cause a race condition in the Titan Service if multiple servers were configured under a single domain and one or more servers had an invalid IP address and Titan was installed on a fast quad-core multi-processor box.
Fixed: Internal logic error which would prevent users from being properly displayed in the Admin application as members of a group.
Fixed: Issue with non-native authentication which could prevent the Users from being displayed properly under the Members and Non-Members tab in the Admininstration application.
Fixed: The Permit SFTP flag at the Group and User level was not honoring the value of the parent which could result in SFTP being disabled at a group level but enabled at a user or server level.
Fixed: Added check boxes to the list of user host keys on the user SFTP tab to make it a bit more obvious which host keys will be valid for any given user.
Fixed: The SFTP engine was not propely processing invalid username/password hacking attempts and would fail to ban the IP address and not disconnect the user.
Fixed: Bug in SFTP v5 & v6 support whereby the extended OPEN flags were not being processed correctly causing uploads to fail.
Fixed: Issue with the database tables used by the Event Management System. When upgrading from an older version of Titan Server, and if no events existing, the event tables would not be created properly. While this error did not prevent the server from running, it did prevent new events from being created.
Fixed: Issue in the srxCOM interface which could cause a Windows error assertion in "WinCtr2.cpp".
Fixed: The installer was not properly checking and installing ASPX and was not properly registering some of the .NET objects needed for the WebUI to run.
Fixed: Updated the algorithm used in Passive Mode Accepts for FTP to help correct a problem with an occasional 425 timeout during a data connection.
Fixed: Updated DMZ client keep-alive logic to better detect when a firewall is recycled.
Fixed: Event notification for file upload events with the web user interface.
Fixed: On the Shared Connections tab in the Admin app, the Allow EPASV setting was not being set correctly if it was different than the Allow PASV setting.

New in Titan FTP Server 8.22 (Sep 14, 2010)

Fixed: Issue that could cause the Titan Service to crash with an ASP.NET error after periods of inactivity or if a timeout occurred in the Web Interface.
Fixed: Issue that could cause the Titan Service to crash if the Web Interface was being used to upload a file with a filename > 260 characters in length.
Fixed: Issue that could cause a user's session in the Web Interface to timeout during a long upload.
Fixed: Issue with the progress dialog box in the Admin application which could cause the progress to roll-over from 100% back to 0% on lengthy operations.
Fixed: Issue which would produce a '404 not found' error in the Web Interface after upgrading from Titan v7 to Titan v8 and the Web Interface was enabled in v7.
Fixed: Issue in the Server Migrate feature which would fail to migrate Events if the source of the migration was a registry based server configuration and the destination of the migration was a database.
Fixed: Issue with Virtual Folders which could prevent a Server Level Virtual Folder from being available to some users after an initial user logged in and accessed the folder.
Fixed: Issue with QuickSend which could result in a failure if the email attachment originated on a UNC share.
Fixed: Issue which would make the Admin app appear to be hung while loading groups from an Active Directory or LDAP server if there were a large number of groups. A progress dialog box has now been added to illustrate progress.
Fixed: Issue which could cause certain FTP commands such as APPE, COMB, CWD, DELE, MDTM, MKD, MLST, RETR, SIZE, STAT, STOR and XCRC to return Access Denied if the file or path argument was located on a remote UNC share and Impersonation was being used and the Titan Service was running under the context of the LocalSystem account.
Fixed: Issue where Titan would return _NO_SUCH_PATH as an error code under SFTP v3. The proper return code would be _NO_SUCH_FILE in v3 since _NO_SUCH_PATH was not introduced until SFTP v4.
Fixed: Issue which would cause the Titan Service to crash during a directory listing if it encountered a filename containing certain unicode characters.
Fixed: Potential Web Interface security issue. The 'web.config' file used for the Titan Web Interface now has debugging turned off to increase performance and security.
Fixed: Potential issue with the way Titan generated the path and keyfile names for SSH hostkeys which could result in a Titan not being able to load the keyfile for the server or a user during authentication.
Fixed: When modifying the Base Server Data Directory or a User's Home Directory in the Admin application, data could potentially fail to migrate to the new location if a file by the same name already exists in the new destination location.
Fixed: When upgrading from a previous version of Titan, the installer will now provide an installation option to install SQLExpress 2005 if it is not already installed on the system.
Fixed: The Titan installer will properly detect if AJAX extensions are installed on 64-bit systems and will only install them if necessary.
Fixed: Updated the logging subsystems for faster performance.
Fixed: Potential problem which could cause the Titan Service to appear to be hung when it starts if one or more of the entries in the "Servers" key of the registry were corrupt or could not be read.
Fixed: Problem with the "UNC Accounts" feature on 64-bit systems which could cause the Titan Service to crash.
Fixed: Database issue which would fail to create proper indexes on sr_ugidmap_uid and sr_ugidmap_gid when using non-native user authentication with Titan. This caused performance issues with systems having a large number of Titan users (20,000+).
Fixed: Event Manager problem which could cause performance issues when a large number of "Flagged For Review" events accumulated in the system.
Fixed: Memory leak in the Admin application which failed to release memory properly when it closed.
Fixed: Streamlined the NT/SAM authentication interface to increase performance for large installations of 100,000+ users and 100,000+ groups.
Fixed: Potential memory leak if NT/SAM user authentication was used and Impersonation was enabled.
Fixed: Login problem which could cause a "Login Failed" response when using Impersonation with Titan and there were a large number of users accessing the system.
Fixed: Login problem which could cause a delay when logging in to Titan is Impersonation was used.
Fixed: Timing issue which could cause the Titan Service to crash during startup if multiple servers were defined on the domain, one or more of the servers was unable to start, and the Titan Admin app was running and the Admin tried to manually start the server repeatedly.
Fixed: When running with debug level logging, Titan would indicate that some of the database query execution times were in 'milliseconds' when it was actually 'seconds'.
Fixed: Potential problem which could cause Titan to fail on various internal file operations if it encountered a long path name of more than 250 bytes long.
Fixed: Potential problem which could cause Titan to fail on various internal file operations such as 'Delete' or 'Rename' if Impersonation was used and the files were stored on a UNC share.
Fixed: Parsing problem which would cause users to not appear in the Titan Admin application when using non-native user authentication and the backend domain had more than 50,000 users or 50,000 groups.
Fixed: Timing issue which could cause the Titan Service to crash if the Admin attempted to stop/start the very quickly while server was in use and under heavy load by many users.

New in Titan FTP Server 8.21 (Sep 14, 2010)

Fixed: Installation issue which could cause the Account being used by the Service to be reset to LocalService during an upgrade from an earlier release.
Fixed: Downloading a file over FTP or FTPS would sometimes return a 451 error when using NT impersonation.
Fixed: Increased the SFTP server's listening pool buffer size to handle higher volumes of SFTP traffic. This corrects an issue where Titan would reject some SFTP connections when in a high volume installation.
Fixed: Updated the logic used to interact with the events management database. This corrects an issue which would cause the server to record higher than necessary CPU usage if there were thousands of events and flagged events configured in the system.
Fixed: Issue with the 'Spawn External Command' dialog box in the Events Management UI which would allow for the creation of an action if no external command was specified.
Fixed: Issue with the 'Select file/folder' Condition dialog box in the Events Management UI which would fail to store the selected file/foldername that was chosen when you clicked on the '...' browse button.
Fixed: The File Progress information would sometimes fail to display during uploads in the Web Interface Module.
Fixed: Large file uploads in the Web Interface Module would sometimes timeout and the user would be returned to the main logon page.
Fixed: The 'Cancel Upload' button would sometimes fail to display during an upload in the Web Interface Module.
Fixed: In the Admin application, hitting F5 would sometimes crash the application if you had many servers configured for your domain.
Fixed: Issue with large uploads in the Web Interface Module which could cause ASP.NET to crash after a period of inactivity between ASP.NET and Titan. This in turn would bring down the Titan Service.
Fixed: Login issue when using NT/SAM authentication which could cause long delays when logging in to the server, especially if Impersonation was enabled.
Fixed: The Local Administration Server logfile for the main domain was not honoring the main Domain Log Directory setting in the Admin application.
Fixed: Added more detailed logging at the Domain level to help diagnose situations where a server may have issues during startup.
Fixed: Memory allocation/release error that could cause the service to hang or crash when using NT, A/D, or LDAP authentication.
Changed: Increased the connection timeout to 30 seconds on the SMTP/EMail configuration dialogs in the Admin application to handle situations where connecting the the email server takes a long time.

New in Titan FTP Server 8.20 (Sep 14, 2010)

Added: New DATETIMEEX variable to the events system that prints the raw date/time suitable for using in filenames, YYYYMMDDHHMMSS
Added: Ability to detect username/password hacking attempts on the DoS/Flood Protection tab.
Added: Icons to the Events List to illustrate the enabled state.
Added: New option for the 'Launch Script' Event Action to 'Quote Params'. If enabled, double-quotes will be added around each parameter sent to the script.
Fixed: Bug which would cause the Titan service to crash if running on a 64 bit OS and FIPS mode was enabled and SFTP was being used in conjunction with NT/SAM Authentication and/or NT Impersonation.
Fixed: The 'flagged for review' events were not working properly in the Admin.
Fixed: Deleting a server would leave partial information in the events tables.
Fixed: 'Move' was not working properly in the WebUI.
Fixed: The "Delete Server 'servername' from the system" message was formatted incorrectly.
Fixed: Enabling/Disabling events did not take affect until the server was restarted.
Fixed: Delete now works for folders with stuff in them.
Fixed: WebUI, when turning off Lock User In Home Dir, the RemoteURlValidation() would fail with "Invalid Server Path".
Fixed: WebUI, ClientUpload was failing when buried 2 or more deep in nested folders.
Fixed: srxCOM, SetAttr() was not working for Servers/Groups/Users. This is been broken forever.
Fixed: Column headers under IE8 now format correctly.
Fixed: The WebSite was not reloading the ServerDefaults correctly and didn't always accurately determine if the QuickSend or WebUI module was activated/enabled.
Fixed: The Logfile was not correctly dumping the registration codes and their status'.
Fixed: If FTP was disabled, users could not access the server through the WebUI.
Fixed: Bug in WebUI -> Move did not work if the 'Lock User In Home Directory' feature was disabled.
Fixed: The "Test Fire" option in the event handler system would generate strange %CIP% variables.
Fixed: srxCOM, If an invalid server name is supplied to a method, it will return SRX_SERVER_NOTFOUND. Same (respectively) is true for an invalid Group or User.
Fixed: srxCOM and srxCFG. You can now specify a list of Users as members of a group or groupnames as membership for a user.
Fixed: When storing Events in the registry, no new events could be added. New events were replacing old events.
Fixed: When using NT/SAM or ADSI and Impersonation, RNFR/RNTO was failing.
Fixed: Email notifications where the client user was not logged in displayed an empty USERNAME. It now replaces USERNAME with CIP.
Fixed: Titan Interop now checks the vailidity of the Connection Context to ASP. This prevents ASP from crashing and taking down the Titan Service.
Fixed: Database issue which failed to clean up queries against the Acl table that could lead to unnecessary database disconnects & reconnects.
Fixed: Idle Connection Timeouts were not working for WebUI connections.
Fixed: Various database issues which could cause deadlocking in the server if using SQLServer and the database server goes offline or becomes unavailable.
Fixed: Some strings were not localized correctly in the JA version.
Fixed: Potential issue with AUTH TLS which could cause a memory error if the server certificate failed to load.
Fixed: Modifying an event, and changing its name, would create a new event and leave the old. It now replaced the original event.
Fixed: Problem that would cause HTTP connections to timeout during a download.
Changed: Added new dedicated QSNotActivated and WebUINotActivated pages to the WebUI.
Changed: Idle Connection Timeout is now enabled by default at the server level.

New in Titan FTP Server 8.10 Build 1125 (May 19, 2010)

Added: Multiple SSH Host Keys are now supported at the user level when using SFTP.
Added: A new multi-threaded upload client in the Web Interface which can handle files larger than 4GB in size.
Added: A new "Secure File Delete" option which will securely overwrite, mangle, then wipe the contents of a file before deleting it. The filename is also mangled and then deleted.
Added: A new "Disable AutoComplete" feature in the Web Interface that will prevent the browser from saving the user's login information to the local browser cache.
Added: Ability to configure the timeout value for how long the server will wait for an incoming passive mode connection during an FTP session.
Added: Ability to allow empty directory name when issuing CWD from the client. CWD with no arguments will now simply remain in the current directory.
Updated: Certificate information is now dumped to the Debug log when using SSL.
Fixed: The 'Ban IP Forever' option of the Flood Protection/DoS feature was not always adding the IP address to the banned IP list.
Fixed: If the server failed to have the DMZ server listen on a specified port it would not retry the connect properly.
Fixed: SSL handshake issue that could result in aborted connections.
Fixed: The 'Disconnect' event was not being triggered consistently when SFTP connections would close.
Fixed: When enabling HTTP or HTTPS in the Admin, the Web Interface feature was not automatically being turned on (or off if both HTTP/HTTPS were disabled).
Fixed: On page 3 of the SSL Certificate Wizard, the Cert Name was read-only. this prevented renaming the cert which, if it was a wildcard cert, would fail to create the cert.
Fixed: When generating wildcard certificates, the '*' is now removed from the certificate name which will allow it to be saved to a file.
Fixed: Bug in the Certificate/SSL engine which could fail to open SSL Certificates created with Titan FTP/MFT Server v7 and earlier; especially if they were 1024-bit RSA based keys.
Fixed: In the Web Interface,, if you had a Virtual Folder with a different virtual name, it would yield an "Invalid Server Path" error during various operations.
Fixed: On the Web Interface Login page, the Username and Password labels were not aligned.
Fixed: Bug in the Web Interface which could prevent files from being uploaded if they already existed on the server.
Fixed: HTTPS uploads now work in the Web Interface.
Fixed: LDAP Authentication issue that prevented members of groups to be displayed when those groups were Org Units in the LDAP directory.
Fixed: SQLServer issue which prevented database from being created on x64 bit versions of Windows.
Fixed: The Client IP address is now recorded correctly when client connects through the Web Interface.
Fixed: The logfile header now displays the proper OS version when running on Vista, Windows 7, or Windows Server 2008.

New in Titan FTP Server 8.01 Build 1069 (Feb 25, 2010)

New in Titan FTP Server 8.00 Build 1036 (Jan 27, 2010)

New in Titan FTP Server 7.12 Build 0896 (Aug 22, 2009)

New in Titan FTP Server 7.11 Build 0878 (May 27, 2009)

New in Titan FTP Server 7.10 Build 0877 (May 21, 2009)

New in Titan FTP Server 7.00 Build 828 (Dec 18, 2008)

New in Titan FTP Server 6.26 Build 632 (Oct 17, 2008)

New in Titan FTP Server 6.26 Build 631 (Oct 15, 2008)

New in Titan FTP Server 6.26 Build 630 (Oct 6, 2008)

New in Titan FTP Server 6.25 Build 623 (Sep 16, 2008)

New in Titan FTP Server 6.24 Build 621 (Aug 19, 2008)

New in Titan FTP Server 6.20 Build 585 (Apr 11, 2008)

Added: Password Complexity feature for the MFT edition of Titan. Titan can now force passwords to adhere to standard complexity rules.
Added: Option in the Run Script event that allows Titan to block and wait for the event before processing other commands.
Added: %FILESIZEB% variable to print out the file size in bytes instead of Kbytes.
Added: %TIMEONLY% and �TEONLY% variables to break date/time values out separately.
Fixed: Potential minor memory leak during logfile generation (Build 581)
Fixed: Fixed: CWD bug which failed to trap for invalid wildcard characters.
Fixed: 'Restore Server' is now available as an option from the Server menu. This will restore a previously backed up server configuration over the existing server configuration.
Fixed: Some Group parameters were not being honored if using Active Directory authentication.
Fixed: srxCOM object was failing to connect correctly.
Fixed: SFTP was returning an incorrect attribute flag for a Virtual Folder when running in v3 mode.
Fixed: Active Directory authentication issue which failed to recognize Organizational Units as valid groups under certain configurations.
Fixed: The 'Logfile Rotated' event now fires.
Fixed: Issue that would prevent the Titan Admin program from launching on older versions of Windows 2000.
Fixed: Events Management issue that could corrupt the events list if IP addresses were banned for failed login attempts.
Fixed: Active Directory authentication issue which prevented users Email Address from being picked up from the A/D server.
Fixed: Active Directory authentication issue which prevented users home directory from being retrieved if User Cache Life or Group Cache Life was set very short.
Fixed: Issue where Virtual Folders were not hidden if the 'Hide Hidden Directories' feature was enabled and the Virtual Folder was marked as hidden.
Fixed: Issue where Virtual Folders would appear in a directory listing if the user did not have access to the Virtual Folder and the user enabled the 'Hide Folders User Cannot Access'.
Fixed: If SFTP services are enabled on the server, but FTP services are not enabled, the 'Anonymous' user account is no longer created.

New in Titan FTP Server 6.20 Build 580 (Mar 31, 2008)

Added: Password Complexity feature. Titan can now force passwords to adhere to standard complexity rules.
Added: Option in the Run Script event that allows Titan to block and wait for the event before processing other commands.
Added: %FILESIZEB% variable to print out the file size in bytes instead of Kbytes.
Added: %TIMEONLY% and �TEONLY% variables to break date/time values out separately.
Fixed: CWD bug which failed to trap for invalid wildcard characters.
Fixed: 'Restore Server' is now available as an option from the Server menu. This will restore a previously backed up server configuration over the existing server configuration.
Fixed: Some Group parameters were not being honored if using Active Directory authentication.
Fixed: srxCOM object was failing to connect correctly.
Fixed: SFTP was returning an incorrect attribute flag for a Virtual Folder when running in v3 mode.
Fixed: Active Directory authentication issue which failed to recognize Organizational Units as valid groups under certain configurations.
Fixed: The 'Logfile Rotated' event now fires.
Fixed: Issue that would prevent the Titan Admin program from launching on older versions of Windows 2000.
Fixed: Events Management issue that could corrupt the events list if IP addresses were banned for failed login attempts.
Fixed: Active Directory authentication issue which prevented users Email Address from being picked up from the A/D server.
Fixed: Active Directory authentication issue which prevented users home directory from being retrieved if User Cache Life or Group Cache Life was set very short.
Fixed: Issue where Virtual Folders were not hidden if the 'Hide Hidden Directories' feature was enabled and the Virtual Folder was marked as hidden.
Fixed: Issue where Virtual Folders would appear in a directory listing if the user did not have access to the Virtual Folder and the user enabled the 'Hide Folders User Cannot Access'.
Fixed: If SFTP services are enabled on the server, but FTP services are not enabled, the 'Anonymous' user account is no longer created.

New in Titan FTP Server 6.10 Build 560 (Feb 5, 2008)

New in Titan FTP Server 6.05 Build 560 (Feb 4, 2008)

New in Titan FTP Server 6.05 Build 550 (Dec 11, 2007)

New in Titan FTP Server 6.05 Build 549 (Dec 3, 2007)

New in Titan FTP Server 6.03 Build 537 (Sep 14, 2007)

New in Titan FTP Server 6.02 Build 529 (Aug 31, 2007)

New in Titan FTP Server 6.02 Build 520 (Aug 18, 2007)

New in Titan FTP Server 6.01 Build 512 (Aug 8, 2007)

New in Titan FTP Server 6.01 Build 511 (Aug 7, 2007)

New in Titan FTP Server 6.00.492 (Jul 11, 2007)

Added: There is a new Edition of Titan FTP Server; MFT (Managed File Transfer) Edition which has many new features not available ino ther editions of Titan. For more information, visit the Titan FTP Server - MFT Edition website.
Added: Support for Windows Active Directory based user authentication - MFT Edition.
Added: Support for LDAP based user authentication - MFT Edition.
Added: Support for ODBC based user authentication - MFT Edition.
Added: Support for Windows Active Directory based user authentication - MFT Edition.
Added: Support for LDAP based user authentication - MFT Edition.
Added: Support for ODBC based user authentication - MFT Edition.
Added: Support for storing configuration information in an ODBC database instead of the system registry - MFT Edition.
Added: Support for DMZedge Server - MFT Edition.
Added: New %OLDFILENAME% event variable to handle the source filename in a rename command.
Added: Support for Local NT/SAM user authentication with a sandalone PC.
Added: A new %OLDFILENAME% event variable to handle the souce filename in a rename command.
Added: Support for Local NT user authentication with a standalone PC. Titan can now be installed on a standalone NT based computer and use the local NT accounts database for authentication, impersonation, and home directories.
Added: An upgraded SFTP/SSH engine. Initial tests show a 25% increase in throughput over Titan v5.
Added: Ability to configure the send/receive buffer size in the FTP engine for optimizing throughput on high latency networks.
Added: Support for Windows Vista.
Added: Support for 64-bit versions of Windows Server 2003, Windows Vista and Windows XP.
Added: Better support for NT home directories when used in conjunction with NT/Active Directory authentication.
Added: Better support for NT impersonation when used in conjunction with NT/Active Directory authentication.
Added: Anti-hammering/D.O.S. events to handle too many connection attempts in a brief period of time.
Added: Better kick-user event management to handle brute-force username/password hacking attempts.
Added: Better passive mode support. Titan now supports the ability to use a single port for passive mode connections allowing administrators the ability to limit the number of open ports on the firewall.
Added: Ability for Titan to open data connections to clients who do not specify a PORT or PASV command prior to a LIST, RETR, or STOR command. Titan will default to PORT mode and will open a data connection back to the Client IP on port 21 as per RFC-959.
Added: Better pre-parsing of input data to handle quirky clients who send over //'s for path delim characters.
Added: Feature that allows Titan to exclude Local IP addresses from receiving the Router's IP address in response to the PASV command.
Added: Added Logging feature to control the level of detail being dumped to the logfile.
Added: Email server configuration options at the Server level. These are used by Events Management and other notification subsystems.
Added: Support for XCWD.
Added: The Server Wizard now has a dedicated FTP page for better configuration with firewalls.
Added: A 'Protocol' column in the server activity window.
Fixed: srxCOM interface now supports the ability to set a users password through the USR_SettAttr() call.
Fixed: When using NT authentication and NT home directories, Titan now generates a default ACL that gives the user rights to their own home directory.
Fixed: Bug in the ban-IP code that would allow duplicate entries.
Fixed: Stats can now be recorded to any ODBC based database, not just an MSAccess database.
Fixed: RETR was not returning an error when a folder name was specified.
Fixed: SIZE command was not returning a 550 error when the client specified a Folder Name instead of a File Name. SIZE is not valid for folders .
Fixed: The 'Server Stopped' event was not firing correctly.
Fixed: Bug in Directory Access rules that would fail to update the ACE for the users home directory if the user inherited their directory from the Group and the Group Home Directory was modified.
Fixed: Bug in Directory Access rules that would generate a path with an extra '' on the end.
Fixed: Bug in the generation of a users home directory if they were a member of a group that used a group level home directory.
Fixed: Passive mode data connections were not timing out which could lead to socket exhaustion and/or invalid data socket re-use for ftp connections.
Fixed: General cleanup for deadlock prevention between the Admin app and the Server process.
Fixed: Updated some of the fields in W3C loggging for SFTP banned connections.
Fixed: Spelling error in UI for "Alow".
Fixed: SFTP permissions problem which would delete file if Write perms were granted but Append/Replace perms were not and the file already existed.
Fixed: Group Home Directory inheritance was not working correctly if it was set to 'User Dirs Default To SubDir Of Group Dir'.
Fixed: Various issues that prevented Idle Connections from being cleared. Also fixed problem with Kick User and Kick Session.
Fixed: 'usr' directory was being created even if Use Standard Unix Dirs was not enabled.
Fixed: SFTP was not correctly closing the connection from Putty/PSFTP when the exit command was received.
Fixed: SFTP was not kicking banned IP addresses upon connection.
Fixed: The Adjust For Daylight Savings Time was being used even where DST is not honored.
Fixed: Inheritance of string/text values was not working correctly at the User/Group Levels.
Fixed: When a user was a member of a Group that was configured to use a Group Level Home Directory, there was no way to Un-inherit this setting and override it at the User Level.
Fixed: The QUIT command was not closing the socket connection correctly.
Fixed: New User Wizard was not inheriting the User Directory from the Group correctly.
Fixed: COMB was not properly cleaning up temp files.
Fixed: KPS statistics where not being tallied correctly at the server level.
Fixed: Remote Administration bug which failed to save parameters under certain conditions.
Fixed: Modified the refresh logic in the Server Activity window so that it would display faster.
Fixed: Server Activity bug that prevented the username from being displayed if client used SFTP with Public Key Authentication.
Fixed: Spy On User and Spy On Session now record the same detail and format as the standard logfile.
Fixed: Various logging issues with W3C formatted log files.
Fixed: User connects were failing if SFTP was enabled but FTP was disabled.
Fixed: Added checks to UI code so that all network/remote paths are resolved into UNC's. This corrects problems where admins enter mapped drive letters in the events manager and then the events don't process because the mapped drive is not accessible from the Titan Service.
Fixed: SFTP now honors the Don't Show Hidden Files flag.
Fixed: If the Remote Administration utililty was installed on a PC without a valid regcode, it would not work.
Fixed: Account Expiration was not working correctly.
Fixed: Buffer memory error in the Tray application.
Fixed: Returning a directory listing containing 40K files was taking too long. Reworked the logic to process the directory information more effeciently.
Fixed: Optimized performance for systems using NT/SAM Authentication.
Fixed: Bug in STOR which could cuase Titan to crash.
Changed: Upgraded the system requirements necessary for running Titan.
Changed: When using NT Authentication; all users must now belong to a valid 'included' Group to log in to the server.
Dropped: Support for Windows NT v4. Titan now makes use of certain OS features that were not available in NT4.
Removed: Removed the custom Control Panel Applet since the Windows NT Services CPA has much more functionality.