Softpedia >Windows >Internet >Servers >FTP Servers >TurboFTP Server >  Changelog

TurboFTP Server Changelog

What's new in TurboFTP Server 3.98 Build 2352

Dec 29, 2023
  • Updated IP geo-blocking database.
  • Problem causing crash of service with some SFTP clients.
  • Externan authentication user population failed with 'invalid credentials' even with correct credentials.

New in TurboFTP Server 3.97 Build 2345 (Nov 21, 2023)

  • Added ECDSA support in SSL certificate wizard.
  • Fixed email tfa notification.
  • Fixed Free Mode not working after trial period expires.

New in TurboFTP Server 3.97 Build 2336 (Aug 30, 2023)

  • Moved all domain and user configurations to database.
  • Added 'Inherited' column in Admin UI's Dir Access ACE list.
  • Added support for multiple SMTP profiles.
  • Use a more secure scheme to store admin login password.
  • Updated IP geo-blocking database.
  • Added admin password reset support.
  • (All admin accounts created in previous versions will be removed. Refer to the topic 'If you forgot the admin password' on how to reset admin password.)
  • Two-factor authentication support for SSH.
  • Some issues causing unnecessary domain restart prompt to be triggered.

New in TurboFTP Server 3.74 Build 20602 (Oct 2, 2022)

  • Restructured and updated manual contents.
  • Added "Add Allow All" button in the IP Access page.
  • When renaming group get disconnected from server.
  • In SSL wizard go back and change information but it is not reflected in summary.
  • Rectified Domain -> Advanced and User -> Advanced tabs by putting FTP specific options in a group box.
  • User-level IP restriction not working.
  • Issue of AD user list refresh.
  • AD authenticate failed with 'User Principal Name to log in' enabled.

New in TurboFTP Server 3.72 Build 2042 (May 2, 2022)

  • Added WOPI support for document collaboration and co-authoring.
  • In web UI, different http connection causes TOTP verification to fail.
  • AD authentication crashes in SSH.

New in TurboFTP Server 3.69 Build 2021 (Mar 3, 2022)

  • WebUI not working with network share.
  • Fixed an HTTPS buffer reading error.
  • Password generation sometimes create shorter passwords.
  • Web UI items will update meta info (like date, size) when starred or shared.

New in TurboFTP Server 3.68 Build 2014 (Feb 23, 2022)

  • Enforce domain naming convention.
  • Added "Certificate and private key in a single file" option and support of .pfx format certificate in Import SSL Certificate dialog.
  • Added Passwords tab for password policy configuration.
  • Added password change request in SSH when password expires.
  • Add User Wizard generates password according to the associated domain's password policy.
  • Disabled in-memory file search cache db.
  • TFA option in User -> Details tab not showing correctly.
  • Fixed missing HSTS header when it is enabled.

New in TurboFTP Server 3.66 Build 1993 (Jan 2, 2022)

  • Improved performance of serving plain HTTP downloads.
  • Updated FEAT command reply of FTP.
  • Significantly reduced HTTP/S service memory usage by up to half.
  • UTF-8 support in FTP service.
  • Support GZip when sending directory list in HTTP/S.
  • WebUI completedly redesigned, added Starred, Shared, Recents views.
  • Ad-hoc file sharing and sending sharing link in email in WebUI.
  • Thumbnails in certain images and media files in WebUI.
  • File retention (Trash Bin) support in WebUI.
  • WebUI zip file view.
  • Two-factor authentication in WebUI including Email SMS code and TOTP.
  • SMTP setup (for sending email) in TSRMC's Server -> Email tab.
  • Added WebDAV digest authentication algorithm options in Server -> HTTP/S tab.
  • Added HTTP HSTS option in Server -> HTTP/S tab.
  • WebUI Shared file list management in TSRMC's Dir Access -> Shared Files tab.
  • WebUI configuration in Domain -> HTTP/S tab.
  • SSL protocol selection and cipher configuration in TSRMC's Domain -> SSL tab.
  • Added global error log.
  • Support of HTTP multi-file upload with multipart request.
  • Added file size to file access log.
  • Revised TSRMC Add Domain Wizard to start all selected services at once. Added 'Add to firewall exception list' option if server is absent from exception list.
  • Improved digest authentication efficiency.
  • HTTP/S incorrect directory permission lookup.
  • Installer doesn't stop running daemon before installing new files.
  • Unable to reload a user's new SSH public key. Now there is a 5 min interval to auto-reload the public key under home folder's sub folder 'ssh_key'.
  • TSRMC Add Domain wizard crashes when selecting local directory.
  • Can't delete duplicate local server node in TSRMC.

New in TurboFTP Server 1.53 Build 1196 (Feb 13, 2019)

  • Evaluation period increased to 45 days.
  • MS Office (various versions) problem saving a document in WebDAV folder.
  • When TSRMC auto launches Domain Wizard post installation, browsing remote directories fails.

New in TurboFTP Server 1.53 Build 1187 (Dec 26, 2018)

  • [+] Added WebDAV (class 1,2) support.
  • [+] Improved loading time of SSL and SSH keys.
  • [+] Improved speed of file listing delivery (FTP/SFTP/HTTP).
  • [+] Further improved overall performance by optimizing common routines.
  • [+] HTTP/S put/post upload logged in file transfer log.
  • [-] WebUI logon problem with some versions of IE browser.
  • [-] HTTP Last-Modified time stamp not correct.
  • [-] Error saving imported SSL certificate in unencrypted form.
  • [-] Problem using network share as domain root.
  • [-] TSRMC Domain General page SMB share groupbox flickering on resize.
  • [-] Can't apply passphrase to unencrypted SSH key or SSL private key.

New in TurboFTP Server 1.50 Build 1039 (Dec 6, 2018)

  • Released on July 30, 2018
  • Architectual level change improves overall performance.
  • Improved user look up efficiency.
  • Server side ECDSA key creation failure.

New in TurboFTP Server 1.48 Build 1022 (Dec 6, 2018)

  • Released on July 18, 2018
  • Packet caching problem sometimes causes upload to fail in SSH/SFTP service.
  • Error handling SSH rekeying.
  • SSH log will be flushed at a certain interval.

New in TurboFTP Server 1.47 Build 1009 (Dec 6, 2018)

  • Released on March 1, 2018
  • SHA-256 is now used instead of MD5 for SSH host key fingerprint.
  • FIPS 140-2 mode option in Professional+ versions.
  • Upgraded OpenSSL module to 1.0.2m.
  • Replaced generated SSH private key encryption DES with AES-192.
  • FTPS/FTPES upload stall issue with some FTP clients.
  • SSH key exchange incorrectly limit options for ECDH.
  • Incorrect date header in HTTP.

New in TurboFTP Server 1.47 Build 993 (Dec 6, 2018)

  • Released on Jan 30, 2018
  • License types updated. Added Professional that incl. SFTP service.
  • Code optimization of FTP service.
  • FTP/SFTP sends 'Too many connections' to legitimate connection attempts if domain or license connection limit exceeded.
  • Occasional FTPS upload stall problem.
  • More details in error message of SSL certificate and SSH key generation.
  • TSRMC incorrect input alert 'User is required'.

New in TurboFTP Server 1.46 Build 987 (Dec 6, 2018)

  • Released on Jan 21, 2018
  • Optimizations to significantly improve SSH/SFTP service performance and reduce its memory consumption.
  • Optimizations to improve HTTP/S service performance.
  • Import button in Users page to import user list in CSV format.
  • Domain SSH log contents changed to show actions more concisely and client IP added to each log entry.
  • ECDSA key doesn't show fingerprint after created on server.
  • Invalid log writing causes program error when retarting domain.
  • Error handling some SSH/SFTP clients sending more data with MSG_IGNORE.

New in TurboFTP Server 1.43 Build 963 (Dec 6, 2018)

  • Released on Dec 20, 2017
  • Added ECDSA Key type in SSH Key Generation Wizard.
  • ECDH kex support.
  • 'Ban file types' option (domain and user level) can be switched to 'Only allow' file types.
  • Putty (thus incl. Filezilla etc) sftp read size causes download to fail.
  • Tectia File Transfer Client connection and upload issues.

New in TurboFTP Server 1.42.950 (Mar 2, 2017)

  • Added SSH public key authentication option for Active Directory with SSH public key user attribute.
  • Added domain option to force SSL client certificate authentication for HTTPS and FTPS.

New in TurboFTP Server 1.40.938 (Feb 1, 2017)

  • Domain performance graph re-written and simplified.

New in TurboFTP Server 1.40.936 (Dec 16, 2016)

  • Fixed:
  • A progressive memory leak problem and its negative impact on performance.
  • HTTP range handling problem.
  • HTTP Web UI file move/copy source folder permissions not observed.

New in TurboFTP Server 1.40.927 (Nov 18, 2016)

  • Added SCP support(available in Business+SSH and Corporate licenses).
  • HTTP/S Web UI revamped and is now responsive and mobile ready.
  • HTTP/S Web UI added Move, Copy functions.
  • HTTP/S Web UI added context menu for Remove, Delete, Rename, Copy.
  • HTTP/S Web UI added upload dialog to allow multiple simultaneous uploads and show progress.
  • A connection management problem causes memory consumption grows over time unnecessarily.
  • Incorrect connected user count shows on server status page if servicing HTTP/S.
  • Download and upload speeds on server status page not updated when there is no connection.
  • HTTP access log sc-bytes length not correct.

New in TurboFTP Server 1.30.921 (Nov 1, 2016)

  • Added option to use user home directory specified in Active Directory.
  • Issue handling client SSH re-keying.
  • Occasional error decrpyting stored passwords.
  • HTTP/S web UI login button stayed grey even if login failed.
  • HTTP/S login password not url decoded.
  • Error handling empty referer in HTTP request.
  • HTTP/FTP access logs are not being generated.

New in TurboFTP Server 1.30.912 (Oct 11, 2016)

  • Added support to import PKCS #7, PKCS #8, PKCS #12 SSL certificate/key formats (i.e. with extensions of .p12,.pfx,.p7b, etc), as well as DER format certificates/keys in addition to PEM format.
  • Renaming SSL certificate doesn't rename key files.

New in TurboFTP Server 1.30.908 (Mar 9, 2015)

  • Replace SHA-1 with SAH-256 when generating SSL certificate or CSR.
  • Disable SSLv2 and SSLv3 for FTPS and HTTPS connection (avoid the SSLv3 protocol POODLE vulnerability).

New in TurboFTP Server 1.30.902 (Dec 4, 2014)

  • Added support for CTR mode AES ciphers.
  • Problem populating user list when authenticate with AD.
  • Problem loading SSH keys created by itself.
  • Memory corruption when switching SSH keys.
  • Resource leak when restarting domains.

New in TurboFTP Server 1.30.892 (Apr 14, 2014)

  • OpenSSL module upgraded to 1.0.1g which fixed the heartbleed flaw.

New in TurboFTP Server 1.30.890 (Jan 20, 2014)

  • Upgraded OpenSSL library to 1.0.1e.
  • Rewamped HTTP/S webui, added rename, delete and create folder functions.
  • A coding error that might potentially cause SSL runtime problem.
  • HTTP/S module buffer problem handling keep-alive requests.
  • HTTP/S upload fails if folder path contains whitespaces.

New in TurboFTP Server 1.30.880 (Dec 27, 2013)

  • Generate file access log for FTP and SFTP, where all major file access operations can be reviewed in file_log.log.
  • HTTP/S service internal authentication problem.

New in TurboFTP Server 1.30.868 (Oct 2, 2013)

  • Now use PBKDF2 for password hashes stored for credential verification.
  • Server up time now indicates number of days.
  • 'Bad server message received' shows up in TSRMC for connected server which is not the first one in the server group.
  • Problem retrieving user list in some scenarios in Active Directory authentication.
  • Button in Add User Wizard to browse for home folder is grayed out if the server is a remote server

New in TurboFTP Server 1.30.865 (Sep 5, 2013)

  • Show alert on TSRMC service tree if failed to populate users with external authentication service.
  • Handles of directories opened for listing not closed properly.
  • Vfolders' physical path not saved to configuration file correctly.
  • Vfolders shown in invalid names in response to NLST command.

New in TurboFTP Server 1.30.860 (Jun 30, 2013)

  • Active Directory or LDAP user list now shown in a hierarchical structure.
  • Active Directory authentication now allows to use SAM account name to log in (default).
  • LDAP authentication causes runtime exception.
  • TSRMC domain authentication page Restore button doesn't restore the sub-dialog for original authentication method.

New in TurboFTP Server 1.30.850 (May 27, 2013)

  • Problem starting service daemon on system with more than 8 processor cores.
  • Domain Authentication page configuration fields disappear on Enter.

New in TurboFTP Server 1.30.840 (Apr 16, 2013)

  • Active Directory authentication allows empty password.
  • SQL error related to ODBC authen not shown correctly in log.

New in TurboFTP Server 1.30.838 (Dec 27, 2012)

  • Active Directory authentication not working with HTTP/S.

New in TurboFTP Server 1.30.835 (Nov 29, 2012)

  • Fixed a problem in SFTP causing Putty/Filezilla/WinSCP client upload to fail.

New in TurboFTP Server 1.30.832 (Nov 27, 2012)

  • Added support for logon using UPN (User Principal Name) when using Active Directory authentication.
  • TSRMC Active Directory authentication test dialog added capability to test login with non-DN identifier.

New in TurboFTP Server 1.30.826 (Nov 27, 2012)

  • Installer now signed by our code signing certificate.
  • Added 'Password Salt Field Name' in ODBC Authentication page to use PBKDF2 drieved key in place of real password.
  • A buffer overflow problem in handling an ftp command.

New in TurboFTP Server 1.30.823 (Jun 29, 2012)

  • Fixed download issues with some of the latest versions of web browsers.
  • HTTP/S web UI shows corrupted upload time at upload complete.
  • In HTTPS web UI upload if pressing the upload button while upload file path not filled service will crash.

New in TurboFTP Server 1.30.820 (Jun 5, 2012)

  • Added toolbar buttons for menus Local Service Manager and Add to Windows Firewall exception list.
  • SSL certificate creation wizard can now generate certificate signing request (CSR).
  • Added timezone information in server log.
  • A stack overflow problem when socket write problem occurred.
  • A potential buffer overflow problem when ftp client request is too long.
  • Problem of impersonation for using a network share as domain root.
  • Impersonation not working in SFTP.
  • TSRMC crashes when Activity page shows excessive parameter string.
  • FTP request log entry might be mixed with another request and server to client bytes count is not correct.
  • In Command Log Format timezone information is not correct.
  • Logged download transferred bytes not correct.

New in TurboFTP Server 1.30.815 (May 4, 2012)

  • Problem of SFTP download stalling at the end

New in TurboFTP Server 1.30.812 (Mar 28, 2012)

  • 'Bad message' error message from server when importing SSL certificate.
  • Shorter idle and connection timeouts interrupt lengthy operation like XMD5, XSHA1 in FTP.
  • Connection timeout and idle timeout might interrupt SFTP and HTTP file transfer and fetching remote listing.
  • Log rotating with invalid log file path can crash the service.
  • Speed throttling causes FTP/HTTP file upload corrupted.
  • HTTP service causes false error in FTP: 'Too many users connected (x). Try again later'.

New in TurboFTP Server 1.30.803 (Apr 12, 2011)

  • HTTP service disabled IE friendly error message.
  • Domain service status sometimes missing.
  • Upload resume not working in FTP and SFTP.
  • When browsing remote file system in management console, a drive root can't be populated under some builds of Windows.
  • In HTTP/S if 'Lock user in home directory' selected, browsing will get unexpected 403 error.
  • In HTTP/S no file read access of a folder incorrectly causes it not able to be viewed

New in TurboFTP Server 1.30.800 (Apr 12, 2011)

  • SSL certificate created with issuer info missing.
  • Sometimes a portion at the end of uploaded file is missing in SSL.
  • Problem disabling subdirectory inheritance of a folder.
  • Concept of directory permission inheritance not clarified: All directories by default enable inheritance of permission rules by their subdirectories unless the 'Subdirectories inherit permissions' option explicitly disabled

New in TurboFTP Server 1.30.795 (Apr 12, 2011)

  • TSRMC server status page now shows status of all domain services.
  • Added SSH key and SSL certificate manager pages, where SSH keys and SSL certificates can be imported, created and modified.
  • Remote folders (in remote path selection and Dir Access) can now be browsed in remote administration.
  • Added support of DSA algorithm and comment in SSH Key Creation Wizard.
  • Support of SSH private key ciphers now covers DES, Triple-DES, Blowfish, CAST5, IDEA, RC2, RC4.
  • Connection dialog now remembers the last login name and allows to delete stored login credentials by pressing OK with 'Remember password' checkbox cleared.
  • A false deinitialization in SSH module causes SSL certificate loading to fail when a domain is restarted.
  • A certain error of generating SSL certificate cause memory leaks.
  • Failure of loading SSL certificate for remote admin causes memory leaks.
  • Expiration date in generated SSL certificate not set.
  • Restarting local or remote admin service incorrectly disables server logging.
  • Domain -> Connection tab hides options incorrectly when switching between servers of different license types

New in TurboFTP Server 1.20.780 (Apr 12, 2011)

  • Improved delivery of huge remote listings.
  • TSRMC added shortcut menu to open local configuration file (tbssvc.ini).
  • Problem of handling vendor specific request of some SFTP clients (e.g. FileZilla).
  • Admin profile can be removed when the admin has logged in.
  • Problem of renaming virtual folder.
  • SSL certificate serial number problem.

New in TurboFTP Server 1.20.748 (Apr 12, 2011)

  • Fixed issues related to multi-byte character file path/names in SFTP.

New in TurboFTP Server 1.20.745 (Apr 12, 2011)

  • 64-bit version (x64) released.
  • TSRMC now detects if it runs with administrator privileges and shows warning if not.
  • In 32-bit version TSRMC Connection Dialog doesn't remember login credentials when running on 64-bit Windows.
  • In HTTP requesting zero length file results in connection reset

New in TurboFTP Server 1.20.739 (Apr 12, 2011)

  • Program shortcut of TSRMC is now Run As Administrator.
  • System tray icon is added for event notification.
  • Added "Add to Windows Firewall exception list" menu under Tools. (In Windows Vista/7 it must be added to the exception list.)
  • Fix many issues related to multi-byte character file path/names in regular FTP.
  • HTTP/S can't be access in evaluation version.
  • 'webui_user' should not show in user list.
  • Multiple time install/uninstall in Local Service Manager will cause service installation problem.
  • TSRMC should show/hide HTTP/S option in the Connection tab according to license of the connected server, not the local one.

New in TurboFTP Server 1.20.726 (Apr 12, 2011)

  • Added HTTP/S support. The Web file system can be accessed with most modern browsers.
  • Management console login now use much more secure approach using random seed and avoid passing password in transit.
  • Virtual folder doesn't work with drive root.

New in TurboFTP Server 1.00.720 (Apr 12, 2011)

  • Buffer overflow problems reported by Corelan Team.
  • A file open problem causing WinSCP failed to upload files.
  • A problem in log recycling causes server to stall.

New in TurboFTP Server 1.00.712 (Apr 12, 2011)

  • Security issue: in command line illegal cd command containing '\' is not blocked.
  • License handling issue.