IN THIS PAGE

What's New in WS_FTP Server 2022.0 (8.8)

The following new features and improvements were added to WS_FTP Server 2022.0 (8.8).

Multi-factor authentication

Multi-factor authentication protects Web Transfer Client user's accounts from unverified users when a user's account password is lost, stolen, or compromised. To verify user identity, WS_FTP Server gives Web Transfer Client users private access to a uniquely-generated verification code made available to the user by mobile app. This additional verification step ensures user sign in is genuine.

This feature includes:

  • Admin-level UI controls that enable administrators to implement multi-factor authentication.
  • Online guide/wizard that guides end-users through the app verification and setup needed for multi-factor authentication.
  • UI controls that enable administrator to require multi-factor authentication for selected user classes.
  • UI controls that enable administrators to exempt specific users.
  • Users can optionally 'opt in' to use multi-factor authentication when it is not an enforced requirement.
  • User identity verification using a mobile authenticator app.

MFA

For more information, see WS_FTP Server Multi-Factor Authentication and Web Transfer Client Multi-Factor Authentication.

SSL certificate and SSH host key size updates

To improve secure certificate creation, the minimum key size for SSL certificate and SSH host key creation was increased from 1024 to 2048 bit. WS_FTP Server users can also choose 3072 or 4096 bit.

Upgrades to the latest version will not affect existing keys of sizes smaller than 2048 bit.

KeySize

Disable default banner update

The default banner is disabled by default. This prevents identifying information about the server being displayed. WS_FTP Server user can opt to enable the banner. For more information, see Creating Listeners.

DisableBanner

WS_FTP Web Server support deprecation

WS_FTP Web Server is no longer supported. For information about migrating WS_FTP Server Manager to IIS, see How to migrate the WS_FTP Server Manager to IIS.

SFTP transfer performance improvement

Updates to WS_FTP Server resulted in significant improvements to SFTP upload speeds.

Listener encryption settings (SSH) updates

WS_FTP SFTP Server now supports advanced public host key algorithms RSA-SHA-2 256 and RSA-SHA-2 512.

Less secure ciphers, MACs, and key exchange algorithms are disabled by default on new installations. When new listeners are created, the updated standards are enforced. The listener exchange settings are unchanged on upgrades to the latest version.

The following encryption settings are disabled by default:

  • Cipher - 3des.cbc, blowfish.cbc, and cast128.cbc
  • MAC - hmac-md5 and hmac-md5-96
  • Key Exchange Algorithm - Diffie-hellman-group1-sha1

    If required, you can re-enable the encryption settings from the Listener Encryption Settings page.

SSH user key authentication update

The Require multi-factor authentication check box for users was renamed Require password and SSH user key to ensure clarity. For more information, see Configuring password and SSH user key authentication.

Microsoft SQL Server support

WS_FTP Server 2022.0 supports Microsoft SQL Server 2019 Enterprise/Standard

Windows Server 2022 support

WS_FTP Server 2022.0 supports deployment to the Windows Server 2022 operating system.

Updated uninstall option

If you choose to uninstall WS_FTP Server and remove your configuration data during the uninstall process, you can optionally choose to remove the PostgreSQL database server.

PostgreSQL_uninstall

OpenSSL update

OpenSSL was upgraded from 1.0.2u to 1.0.2zf to incorporate security fixes and prevent potential vulnerabilities. For more information, see https://www.openssl.org/news/vulnerabilities-1.0.2.html.

Fixed Issues in 2022.0 (8.8)

The following issues were fixed in WS_FTP Server 2022.0 (8.8).

ID

Category

Fixed Issue

12244

Database

Fixed an issue which caused an error connecting to SSH/FTP after database migration from PostgreSQL to MSSQL.

12769

Web Transfer Module

Web Transfer Module now successfully opens as part of application pool creation.

6315, 6332, 12240, 15175, 15178, 15179, 15184, 15185

Server, Security

Addressed Cross-Site Request Forgery (CSRF) issues in WS_FTP Server Administrative interface.

15168, 15181, 15182, 15183, 15186, 15187, 15188

Server, Security

Addressed cross-site scripting (XSS) issues in WS_FTP Server Administrative interface.

6160

Server, Security

The Use Local Time option is respected.

6293

Server, Database

Fixed an issue which caused an error connecting to SSH/FTP after database migration from PostgreSQL to MSSQL.

6351

Server, Web Admin

Text generates correctly when logging in to WS_FTP Server.

12345

Server, Installer

The installer retains the given location of PostgreSQL.

12548

Server, WTM

A users full name is displayed when assigning user rights in Web Transfer Module.

12751

Server, Security

The default cipher sorting is strongest to weakest.

12773

WTM, AHT

The bootstrap.js dependency was updated to prevent a security vulnerability.

15122

Server

New and updated encryption algorithms ensures improved security.

15151

WTM, AHT

The Moment.js dependency was updated to prevent a security vulnerability.

15152

WTM, AHT

The Loadash dependency was updated to prevent a security vulnerability.

15166

Server, SSH

Version details are not disclosed in the banner information.

15170

Server, Web Admin

The assigned level of user permissions is respected.

15260

Server, Security

Addressed Cross-Site Request Forgery (CSRF) issues in WS_FTP Server Administrative interface.

19457

Installer

WS_FTP Server successfully installs following uninstalling the application with the Keep Configuration Data option selected.

15361

Server, Database

The PostgreSQL database was updated to 14.5. This update addressed CVE-2022-2625 and prevented other security vulnerabilities.

Known Issues

This section details known issues and workarounds in all WS_FTP Server 2022.0 (8.8) releases.

ID

Category

Known Issue Description

19501, 19530

Multi-factor authentication

Multi-factor authentication (MFA) is disabled by default for users added using iftpaddu.exe, ftpdbsyc.exe, or the synchronize option through admin.

To enable MFA for these users, resave the MFA configuration in WS_FTP Server Manager.

19501

Multi-factor authentication

Users added using the user command line utility iftpaddu.exe, do not include options to exempt and reset the user from MFA.

19525

Command line utility

Using the database backup command line utilities to generate backup files returns an error illegal option -- o. The -o parameter was discontinued by postgres after the version 11.

To resolve this issue, remove the -o parameter from both bat files.

System Requirements

These requirements apply to the supporting environment and operating system where you install WS_FTP Server.

Software Requirements

Supported Operating Systems for WS_FTP Server

The Operating Systems are supported for the following WS_FTP Server configurations:

  • Standalone
  • Failover cluster using Microsoft Clustering Services
  • Failover cluster using Microsoft Network Load Balancing

Operating System

  • Windows Server 2022 Standard/Datacenter (standalone only)
  • Windows Server 2019 Standard/Datacenter (standalone only)
  • Windows Server 2016 Standard/Datacenter (standalone only)

Windows Server Components Activated Automatically

The WS_FTP Server installer automatically activates certain components in your Windows Server installation. This is necessary because after installation Windows Server does not turn on non-core operating system components. However, before installing WS_FTP Server, you should ensure these changes conform to your organization’s security policies.

When you install WS_FTP Server, the install activates the following Windows Server roles:

  • ISAPI Extensions
  • Windows Authentication
  • ASP

Supported Web Browsers

The following browsers are supported for WS_FTP Server Manager and the Web Transfer and Ad-Hoc Transfer client interfaces:

  • Chrome
  • Mozilla Firefox
  • Microsoft Edge

Database Platform

WS_FTP Server requires one of the following database platforms.

The default database platform is PostgreSQL, however during installation, you can select Microsoft SQL Server as your database for configuration data.

  • PostgreSQL 14.5
  • Microsoft SQL Server 2019 Enterprise/Standard
  • Microsoft SQL Server 2017 Enterprise/Standard
  • Microsoft SQL Server 2016 Enterprise/Standard

Framework and Accessibility

WS_FTP Server requires the Microsoft .NET Framework and other Microsoft packages for scripting and software accessibility. Microsoft .NET Framework 4.5.2 is included in the installation program.

Hardware

Minimum requirements

  • 4-core server-class CPU (For example: Intel Xeon 4-core 2+GHz)
  • 4 GB RAM
  • 250 GB or larger free disk space, depending on estimated data to be stored
  • 100/1000 MB Ethernet interface (for TCP/IP traffic)

Ad Hoc Transfer Plug-in Requirements

The following software must be installed on the machine on which you install the Ad Hoc Transfer Plug-in for Outlook.

  • Microsoft Outlook 2016, 2013, or 2010
  • Supported on Windows Operating Systems only.

Note: If you are running the installer live (not doing a silent install), the installer automatically installs the Microsoft Visual Studio redistributable programs. You do not need to download anything from Microsoft. If running a silent install, you must download and install these redistributable programs before running the install. See the Requirements in the Silent Install section.

Note: For silent installation instructions for the Ad Hoc Transfer Plug-in for Outlook, see Silent install of the Ad Hoc Transfer Plug-in for Outlook .

Upgrading

Upgrading to the latest version of WS_FTP Server ensures that you have access to the latest features, fixes, security updates, and usability improvements.

WS_FTP Server 2022.0 (8.8) supports direct upgrades from WS_FTP Server 2020 (8.7). For more information, see Upgrade Paths.

Upgrading information and considerations

Latest features and improvements

For the most up-to-date information about the latest supported features and improvements, see What's New.

Hardware Requirements

Review the current WS_FTP Server System Requirements.

Activation code

The activation code is automatically applied when you run the WS_FTP Server installer to upgrade.

  • Your upgrade activation code is embedded in the installer file.
  • The activation code is also stored in the Product Downloads section of the Progress Community.
  • The activation code differs from your serial number. The code begins with your serial number and contains an additional eight characters.

WS_FTP Web Server support deprecation

WS_FTP Web Server is no longer supported. For information about migrating WS_FTP Server Manager to IIS, see How to migrate the WS_FTP Server Manager to IIS.

Support for older WS_FTP Server Versions

For information about support for previous versions of WS_FTP Server, see the Product Lifecycle page on the Progress Community website. Customers running EOL or soon to be EOL versions should upgrade to WS_FTP Server 2022.0 (8.8).

Upgrade Paths

To upgrade from an earlier version of WS_FTP Server to WS_FTP Server 2022.0 (8.8), you must download the installer file.

  1. Login to the Progress Community.
  2. Select Product Downloads.
  3. Locate and download your product. Your activation code is embedded in the download file, and is automatically applied during installation.

Note: WS_FTP Web Server is no longer supported. To upgrade from an earlier version of WS_FTP Server Manager on WS_FTP Web Server, you must first migrate WS_FTP Server Manager to IIS. For information about migrating WS_FTP Server Manager to IIS, see How to migrate the WS_FTP Server Manager to IIS.

Upgrade paths

WS_FTP Server 2022.0 (8.8) supports direct upgrade installations from the following version:

  • WS_FTP Server 2020 (8.7)

Note: The upgrade paths are valid only on supported Operating Systems. For more information, see WS_FTP Server System Requirements.

For detailed installation and configuration instructions, or activating a new or upgraded license, see the WS_FTP Server Installation and Configuration Guide.

Note: If you upgrade from a version earlier than 2020, the default installation folders do not change. For example, the WS_FTP Server installation folder will be C:\Program Files (x86)\Ipswitch\WS_FTP Server.

Copyright Notice

© 2022 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved.

These materials and all Progress® software products are copyrighted and all rights are reserved by Progress Software Corporation. The information in these materials is subject to change without notice, and Progress Software Corporation assumes no responsibility for any errors that may appear therein. The references in these materials to specific platforms supported are subject to change.

Chef, Chef (and design), Chef Infra, Code Can (and design), Compliance at Velocity, Corticon, DataDirect (and design), DataDirect Cloud, DataDirect Connect, DataDirect Connect64, DataDirect XML Converters, DataDirect XQuery, DataRPM, Defrag This, Deliver More Than Expected, DevReach (and design), Icenium, Inspec, Ipswitch, iMacros, Kendo UI, Kinvey, MessageWay, MOVEit, NativeChat, NativeScript, OpenEdge, Powered by Chef, Powered by Progress, Progress, Progress Software Developers Network, SequeLink, Sitefinity (and Design), Sitefinity, Sitefinity (and design), SpeedScript, Stylus Studio, Stylized Design (Arrow/3D Box logo), Styleized Design (C Chef logo), Stylized Design of Samurai, TeamPulse, Telerik, Telerik (and design), Test Studio, WebSpeed, WhatsConfigured, WhatsConnected, WhatsUp, and WS_FTP are registered trademarks of Progress Software Corporation or one of its affiliates or subsidiaries in the U.S. and/or other countries.

Analytics360, AppServer, BusinessEdge, Chef Automate, Chef Compliance, Chef Desktop, Chef Habitat, Chef WorkStation, Corticon.js, Corticon Rules, Data Access, DataDirect Autonomous REST Connector, DataDirect Spy, DevCraft, Fiddler, Fiddler Everywhere, FiddlerCap, FiddlerCore, FiddlerScript, Hybrid Data Pipeline, iMail, JustAssembly, JustDecompile, JustMock, KendoReact, NativeScript Sidekick, OpenAccess, PASOE, Pro2, ProDataSet, Progress Results, Progress Software, ProVision, PSE Pro, Push Jobs, SafeSpaceVR, Sitefinity Cloud, Sitefinity CMS, Sitefinity Digital Experience Cloud, Sitefinity Feather, Sitefinity Insight, Sitefinity Thunder, SmartBrowser, SmartComponent, SmartDataBrowser, SmartDataObjects, SmartDataView, SmartDialog, SmartFolder, SmartFrame, SmartObjects, SmartPanel, SmartQuery, SmartViewer, SmartWindow, Supermarket, SupportLink, Unite UX, and WebClient are trademarks or service marks of Progress Software Corporation and/or its subsidiaries or affiliates in the U.S. and other countries. Java is a registered trademark of Oracle and/or its affiliates. Any other marks contained herein may be trademarks of their respective owners.

JAN

04

2023