Use Let's Encrypt to protect your FTP server
A brief history of FTP (in)security
The FTP protocol as used today was defined in 1985 (RFC 959) based on a design created in 1971.
It was designed without taking security into consideration. All transmissions are in clear text, including username, password, and actual transferred data. All FTP communication …
Secure your FTPS server with Let's Encrypt
Introduction
What is Let's Encrypt?
Let's Encrypt (sometimes shortened as LetsEncrypt) is a certificate authority that provides SSL/X.509 certificates at no charge. You can read more on the subject in the Wikipedia article on Let's Encrypt.
A Let's Encrypt certificate is valid for 90 days, but it is …
Security Advisory for SFTPPlus 3.41.1
A security advisory was created for SFTPPlus version 3.41.1 affecting caching of HTTP files and injection of external content into HTTML error messages.
Security Advisory for SFTPPlus 3.39.0
A security advisory was created for SFTPPlus version 3.39.0 affecting the SCP protocol for which existing files were not always fully overwritten upon a new file upload request.
SFTPPlus Release 3.39.0
We are announcing the latest release of SFTPPlus version 3.39.0.
Customers using the SCP protocol are urged to upgrade to this version. Any previous version contains a security issue when overwriting files over SCP.
New Features
- In the event handler configuration, it is now possible to filter the …
Security Advisory for SFTPPlus 3.37.1
A security advisory was created for SFTPPlus version 3.37.1 affecting authentication of accounts using the HTTP API.
SFTPPlus Release 3.37.1
We are pleased to announce the latest release of SFTPPlus version 3.37.1.
Defect Fixes
- The HTTP API authentication for an account now fails when the account is accepted by the remote HTTP API but the associated group is disabled. [server-side][security] [#5058]
- A defect was fixed in Local …