SFTPPlus version 5.15.0 is now available.

This release focuses on security and reliability, with stronger automation for Let's Encrypt certificates and broader improvements to certificate lifecycle management, alongside multiple defect fixes.

Highlights

  • Stronger Let's Encrypt initialization security: a unique TLS placeholder certificate is now used per installation and version.
  • Certificate lifecycle improvements: SFTPPlus now emits an event when a configured certificate is approaching expiry.
  • Centralized security policy: a new security-policy configuration unifies deny-username and IP time-based bans and is applied across all services.
  • Easier troubleshooting: the Activity Log UI can be filtered by component name and by event groups.
  • Archive handling: the extract-archive event handler can now unpack ZIP files encrypted with WinZIP AES.
  • Web Client UX: a new “Select all” button lets users select all files in the current directory.
  • Configuration auditability: all components now record created and changed timestamps.

Defect fixes

  • Prevents immediate re-disable of re-enabled inactive accounts with a new account_auto_disable_grace_interval option.
  • Keeps account created date when synchronizing to cluster nodes.
  • Fixes OS authentication startup on Linux.
  • Fixes a regression affecting the Let's Encrypt resource.

You can check the full release notes here.

Thank you

Thank you to all customers who reported issues and suggested improvements. Your feedback helps us make SFTPPlus better with every release.

If you need help with upgrades, deployment validation, or rollback planning, contact our Support team.