3.9.3.2(2022-1-5)
- Fixed a bug that Disk quota unit for external authentication user default profile is not saved in config file.
- Fixed a bug that GUI will crash if over 255 characters is entered in user name of access control list .
- Auto create the folder if the folder set for log file does not exist.
- When "Force SSL" option is selected and server receives USER command. If client doesn't initiate encrypted channel before USER command, it will be disconnected immediately.
3.9.3.1(2021-10-5)
- Fixed an issue that SFTP uploaded file is not immediately available because Windows OS locked this file before flushing OS file buffers to disk.
3.9.3(2021-8-6)
- Fixed a UTF-8 file access bug, when file name containing different encoding from Windows default language.
- Change the failed logins option in IP auto-blocking so that you can set a time period to count failed attemps.
- Add option to write xferlog and session log in UTF-8 format.
- Remove the option "disable log to screen", which is not useful.
- Fixed a TLS connection bug in Remote Admin client.
3.9.2.8(2021-6-12)
3.9.2.7(2021-6-2)
- Add support for long path name over 260 characters.
- Fixed a problem 0 byte file is not logged in ODBC database file transfer log.
3.9.2.5(2021-3-25)
- Support diffie-hellman-group14-sha1 and diffie-hellman-group14-sha256 as SSH key exchange methods.
- Add an option to change SSH software identification string.
- Change configuration files permission so that everyone group is not allowed to read.
- Increase user login IP range total entries limit from 16 to 32.
3.9.2.0(2021-1-29)
- Put all language files under "lang" folder after install. User can switch language from right click Localization Menu.
- Fixed a few small bugs.
3.9.1.7(2020-5-3)
- Fixed a home path permission bug of Default user profile when using with Active Directory.
3.9.1.6(2020-3-15)
- Fixed a bug that create database table for logging file transfer failed for MS-SQL server.
- Fixed a few minor bugs.
3.9.1.5(2019-7-2)
- Fixed a bug that when upload in SFTP, uploading file is not locked from download.
3.9.1.2(2019-5-8)
3.9.1(2019-1-15)
- Add support for using RSA SSH2 host key more than 1024-bit.
3.9.0(2018-10-18)
- Add option to use separate SSL certificate in virtual server.
- Fixed several GUI related bugs.
3.8.9.1(2018-6-6)
- Fixed a bug that saved Xlight Main Windows position is displayed off the screen after reducing remote desktop display resolution.
3.8.9(2018-4-30)
- Add a new column real_path in ODBC database file transfer log to record the real Windows path for transfered files. Existing users, who want to use this column, need to click "upgrade" button in ODBC file transfer settings to add this column to database table.
- Add two options "Force login using SSL" and "Force to use encrypted data connection" in FTP user settings.
- Save current Xlight FTP Main Windows postion when exitting.
- Fixed a bug that Admin Console sometimes cannot be showed when Xlight FTP running as system service.
3.8.8.6 (2017-12-11)
- Fixed a bug in SFTP for user disk space quotas.
- Fixed a bug in SFTP that user cannot remove folder after setting file allowed access.
3.8.8.5 (2017-6-16)
- Fixed a bug in selecting group size for SSH Diffie-Hellman Group Exchange.
- In virtual server settings, add option to select a program to execute after user logged in.
- Fixed a GUI bug in UNC path impersonation.
- On screen log will automatically scroll to the end.
3.8.8 (2017-3-12)
- Add GUI to allow the users to select SSH ciphers wanted.
3.8.7.6 (2017-2-13)
- Fixed a bug in FTP MLST format.
- Fixed a bug that the OK button of configuration dialog box cannot be seen in low resolution screen.
- Fixed a bug in maximum user upload file size.
3.8.7.5 (2016-11-12)
- Add AES-CTR cipher for SSH/SFTP.
- Fixed several minor GUI bugs.
- Change to static linked program executable and can now run alone without Visual C++ runtime dll.
3.8.7 (2016-9-26)
- Add "other DN to search users" option for Active Directory Authentication.
- Allow character $ to be used in FTP user name.
- Make a few small changes to Active Directory user login debug messages.
3.8.6.1 (2016-8-2)
- Support float value for $file_size variable in email notification.
- Fixed a bug that group name can not be the same with a user name.
- Fixed a bug that entering SFTP license key needs to restart system service to activate.
3.8.6 (2016-3-30)
- Add SHA-256 support for SSH transport of SFTP.
- Make a change so that when mapping a user's AD groups to local FTP groups in Active Directory Authentication, the user's Primary Group in the AD will be checked first.
- Fixed a bug that when using other public key files list for SFTP public key authentication, only last public key file can work.
3.8.5.3 (2016-2-8)
- Fixed a bug where if a path is virtual path, the SFTP stat command will return "File not Found" error.
3.8.5.2 (2016-1-11)
- Fixed another compatible problem with WinSCP for SFTP version 6, when root virtual path is not set.
- Add an option to let FTP NLST command return "226 Transfer complete" instead of "550 File Not Found" on empty folder.
3.8.5.1 (2015-11-18)
- Fixed a compatible problem with WinSCP for SFTP version 6.
- Allow SSH_FXP_LSTAT and SSH_FXP_STAT to run in virtual path with only LIST permission for compatible with some SFTP clients.
3.8.5 (2015-10-16)
- Add option to set Allowed Active Directory Groups.
- Fixed a bug in virtual path permission for SFTP/SSH2.
- Fixed several small bugs.
3.8.3.6.2 (2015-3-12)
- Fix a ASCII mode conversion problem for text file uploaded through TLS.
3.8.3.6.1 (2015-2-09)
- Fix a client compatible problem for SSL client authentication for TLS 1.2.
3.8.3.6 (2014-12-06)
- Fix a directory list bug in TLS 1.2.
- Fix a compatible problem in creating file transfer log in database for SQL server.
3.8.3.5 (2014-11-26)
- Add feature to write the current virtual server users connection detail to a file and update the file periodically.
- Add flags to support TLS 1.1 and TLS 1.2 for SCHANNEL. To use them, Xlight must run from Windows 7 or Windows 2008 R2 and above with Windows OS supporting TLS 1.1 and TLS 1.2.
- Increase the limit of IP deny and allow list from 200 to 1000 for virtual server or global option.
- Fixed a bug in the path string when install Xlight as system service.
- Fixed a bug in displaying error log for remote administration client.
3.8.3.1 (2014-9-22)
- Add an new virtual server option to work with FTP client using Windows-style backslash in FTP path.
3.8.3 (2014-7-10)
- Fixed a memory leak problem with Active Directory.
- Enabled TCP_KEEPALIVE option to Active Directory connection
- Fixed a few bugs in disk quota.
3.8.2.5 (2014-6-9)
- Fixed a SFTP/SSH2 compatible problem with cuteFTP 9.
3.8.2 (2014-4-22)
- Fixed the Xlight UPnP compatible problem with many home routers.
- Fixed a few bugs related to UPnP port forwarding when running FTP server behind home routers.
- Add TCP keepalive for FTP and SFTP/SSH2 control connection to detect dead peer connection.
3.8.1 (2014-4-5)
- Add support for multiple public key files for SFTP/SSH2 user public key authentication.
- Add support for option to set home folder permission in default user profile of external authentication.
3.8.0.2 (2014-1-8)
- Fixed two 64-bit binary crashing problems when access user detail or FTP session log from GUI windows.
- Fixed an inconsistent behaviour in user and server level IP deny list.
- Enabled TCP_KEEPALIVE option to LDAP connection to fix a problem that connection stays in CLOSE_WAIT state after closing.
- Add logging for SSH2_FXP_CLOSE command.
3.8 (2013-8-12)
- Add support for 64-bit binary for 64-bit platform.
- Add support for using MB as the unit for disk quotas.
- Add support for mapping AD primary group to local FTP group, when user logins through AD authentication.
3.7.8 (2013-2-15)
- Fixed a SFTP compatible issue with SmartFTP.
3.7.7 (2012-12-15)
- Add a new email notifcation event "OnWanIPChange" to notify user by email when the WAN IP beyond firewall is changed.
- Fixed a memory leak problem when mode z function is enabled.
- Fixed a bug that parameter $exclude_user does not work for OnLogin event of email notification.
3.7.6 (2012-11-02)
- Fixed a bug caused by port reuse when FTP server is behind firewall and set to use PASV port range with limited PASV ports.
3.7.5 (2012-09-28)
- Add the display for MD5 fingerprints of SSH host key in the server host key windows.
- Improve the function for install service from Global Option. The Xlight service will start automatically after installing service.
- Fixed a SMTP connection problem to Office 365 service for email notification.
- Fixed a bug in ASCII mode conversion.
3.7.3 (2012-04-27)
- Fixed a problem in importing SSH host key.
- Fixed a bug in user file access control.
- Fixed a possible server crash problem when option "Delete file and directory to Windows recycle bin" is selected.
3.7.2
- Add two ASCII mode related options.
- Add option to show directory list output from FTP LIST command in IIS FTP or DOS DIR command output format.
- Fixed a bug in SFTP, where a file opened by the first user will prevent other users from sharing and downloading this file.
3.7.1
- Fixed a SSH client compatiable problem when closing SSH channel.
- Fixed a FTP client compatiable problem when running LIST command with filename.
- Fixed a bug in the APPE command.
- Fixed a bug in the FTP session download/upload limit.
3.7
- Add an option to enable SSH tunnel (Port Forwarding via direct-tcpip channel).
3.6.6
- Enchanced the right-click menu for Xlight Main GUI Window, add a new option "Localization" to allow loading language file.
- Fixed a crash issue when upload/download ratio and anti-leech proection are both enabled.
- Fixed a few bugs in the FTP SITE command and allow show SFTP/SSH2 user info from FTP SITE command.
- Fixed a $USERIP parameter bug for ODBC feature.
3.6.5
- Add a server option to allow files or folders being deleted to Windows recycle bin.
- Add an option to allow set LDAP filter for limiting user search scope.
- In the email notification feature, two new variables "up_filelist" and "dwon_filelist" have been added to allow last 100 files uploaded or downloaded to be sent in the email content.
- Remote administration client has a new command line option "-autoconnect" for to allow auto connect to FTP server.
- Writing file transfer log to database feature has been enhanced to be more robust for the case when backend SQL server temperatorily out of service or shutdown.
- Fixed two small bugs in the email notification
- Fixed a small bug in the SITE command.
3.6.2
- Add support for writing virtual server statistics to file periodically.
- When virtual path comes from external authentication, using %username% variable for associated real path is supported.
- When virtual path comes from external authentication, if associated real path does not exist when user logins, it will be created automatically.
- Fixed virtual path deletion bug in SFTP.
3.6
- Add virtual server option "Set bandwidth by IP address range" to allow setting different bandwidth by different IP ranges.
- Fixed a path traversal bug for SFTP/SSH2.
3.5.5
- Add support for sending log to Syslog server.
- Add support for FTP MFMT command.
- When upload file with SFTP, if the client doesn't set the file modification time, use current time as default time.
- Remove the maximum 30 groups limit when matching local FTP group with AD group.
3.5.2
- Fixed a bug of Xlight admin console management interface for non-console session of remote desktop.
- Fixed a resource leaking bug for LDAP authentication.
- Fixed a bug of access control list.
3.5.1
- Fixed a SFTP/SSH2 crash problem.
3.5
- Add support for creating virtual paths in the LDAP and Active Directory through a new attribute "ftpVirtualPaths" in the schema xlightFTPdUser.
- Add a new SSL option "Force users to use encrypted data connection".
- Add support for Openssh public key format in the SFTP/SSH2.
- Increase the maximum value of FTP command speed from 255 to 1000. This will help to increase the speed of transfering large number of very small files.
- Increase the maximum checked AD group of a user from 15 to 50, when his Active Directory group is checked and mapped to a same name local FTP group.
- Fixed a bug in the public key authentication for SFTP/SSH2.
- Fixed a bug in pausing virtual server.
- Fixed a bug in access control list.
- Fixed a few small bugs in the GUI.
3.4
- Add support for multiple virtual paths in the ODBC database.
- Fix a bug when writing file transfer log to database.
- Fix a bug frequently loading ICMP.dll in WAN IP auto detection.
- Fix a bug in the UPnP function when VMWare virtual network card exists in the system.
- Fix a bug FEAT command output format.
3.3
- Add four new parameters ($exclude_user, $exclude_file, $exclude_dir, $exclude_group) for e-mail notification configuration file.
- Add a new option to overwrite exiting file when renaming.
- Add support for ALLO command.
- Change the error response code of CWD command from 450 to 550.
- Fix a GUI bug in the connection detail.
3.2.5
- Add support for default user profile to external authentication to allow quick setup of default user settings such as home directory.
- Add option for output the directory list in Netware FTP Server format.
- Allow the resizing of user and group list dialog box.
- Provide read-only support for salted MD5 password. This allows importing users of salted MD5 password from other FTP servers, for example serv-U 6.x. Reading salted MD5 password only works for local FTP users, not users in database.
- Fix a NLIST bug for empty directory when the option "NLIST Show Directories" is enabled.
3.2.1
- Fix a SQL injection vulnerability for ODBC authentication.
3.2
- Add support to call an external program after a file been uploaded, downloaded or deleted. The new option is in the [Virtual Server Config]->[File and Directory]->[File Transfer Options].
- Add support to automatic backup config files after configuration change. The new option is in the [Global Option]->[General]->[Backup After Configuration Change].
- Fix a in correct file path bug in the xferlog.
- Fix a GUI bug related to advanced log filter.
3.1.6
- Fix a SSL compatibility problem for uploading with FileZilla 3.2.0.
3.1.5
- Enhanced the support Active Directory group. When the group of a user in Active Directory is the same name of local FTP group, it will become his local FTP group.
- When a local FTP group name changed, the group name of all local FTP users belong to it will be updated automatically.
- Fix a crash problem when use ODBC database for SFTP.
- Fix a client compatibility problem for SFTP.
- Fix a bug that viewing Xlight Event from event viewer will crash Microsoft Management Console.
- Fix a bug that the option "Don't use ODBC connection pooling" doesn't really take effect.
3.1.1
- Fix a bug in the supported SSH2 authentication method string returned from server.
3.1
- Add support for user public key authentication in SSH2/SFTP.
- Add support for SHA1 password type in ODBC database.
- Add a new option to bypass IP Auto Blocking for IP in the allowed IP list.
- When Xlight FTP Server is system service, events of service start, stop, virtual servers start, stop and pause are now written to Windows event log.
- Fix a bug in the IP Auto Blocking.
- Fix a bug in the MDTM command.
3.0.5
- Add support to set passive mode port range and ip at virtual server level.
- Add blowfish cipher to SSH2/SFTP.
- Fix a timestamp bug in FTP command MLST.
- Fix a response code bug in FTP command RNTO.
- Fix a client compatibility problem for SFTP.
- Fix a bug for IPv6 subnet mask.
3.0
- Add support for SFTP(SSH2) protocol. In Xlight FTP Server, SFTP virtual server can now be created and managed the same way as FTP virtual server. The tutorial has steps to create SSH2/SFTP virtual server.
- Add a new option "use NTFS permission for group path" for Active Directory users.
- Add support that if the primary group is set for an Active Direcotory user, it will automatically become his FTP group.
- When saving connection information for the remote administration, password can now be empty. If it is empty, user will be prompted for password after connection is established.
- Xlight FTP Server verison information is now embedded in the executable file and can be showed in the Windows explorer.
- Fixed a SSL/TLS compatible problem with FileZilla 3.1.0.1.
- Fixed several bugs related to remote administration.
2.861
- Another Admin Console bug is fixed in this version.
2.86
- Fix a bug in the Admin Console that sometimes causes it taking long time to load and showing incorrect registration information.
2.85
- Add support for using NTFS permission in the public path for Active Directory users.
- Add a new option "Force all users except anonymous user to login using SSL" in virtual server's security settings.
- Add support for CCC (Clear Command Channel) command.
- Add a domain field in the UNC path account impersonation settings.
- Fix a random crash problem cased by PASV command, when server was serving downloads for more than 3000 users at the same time.
2.835
- Fix a bug that when used in the two quad-core Xeon processors platform, Xlight FTP Server will crash during startup.
- Fix a bug in the PASV port range when option "Always use serve IP for PASV mode reply" is slected.
2.83
- Add a new option "Message for IP address auto blocking" in the settings of "IP Address Auto Blocking".
- Fix a LDAP authentication problem. Because in some LDAP servers, users with blank password can always authenticate(bind) successfully. Xlight FTP Server will now do special check to fail the LDAP authentication for users with blank password.
2.82
- Add option "Buffer for sending data" and "Buffer for receiving data" in the user's settings. Socket buffer in the user's settings will override the socket buffer set in the virtual server.
- Fix a bug in the Admin Console.
- Allow Xlight FTP Server to run with non-admin account. The steps are put in the FAQ section.
- When the option to use extended schema xlightFTPdUser is selected for Active Directory, but attribute ftpHomeDirectory is not set for a user, AD attribute homeDirectory will be automatically used as his home directory.
- Fix a few small bugs in the GUI.
2.8
- Add two new options in the external authentiction through LDAP.
- Add two new events OnLogin and OnLogout, two new parameters and four new variables in the email notification.
- When disk quota is enabled for a user, his quota will be automatically re-calculated after login. There will be no need to manually re-calculating quota from GUI.
- Add options to set notes for virtual server and users.
- Add option to force to use WAN IP or Server IP for virtual server behind firewall.
- Add option to show debug trace informtion of external authentication to Error Log.
- Add option to filter file transfer logs to database by download or upload.
- Fix a GUI bug for selecting SSL server certificate.
2.72
- Add a new option, which can be used to be compatible with IIS FTP 6.0 user isolation mode in the Active Directory.
- Add a new option in the user's settings, which allows local ftp user to bypass the external authentication.
- Add a new option to allow user to install and uninstall system service directly within the Xlight FTP Program.
- Fix a compatibility bug with OpenSSL client with AES cipher in the Windows Vista.
- In compliance with RFC959, the STOU command return code changes from 150 to 250.
2.706
- Fix a bug in the SSL client authentication.
- Fix a bug that when a virtual path has the same name of its real path, there are duplicate paths in the ftp directory list.
- Enhanced the compatibility of UPnP function with some broadband routers.
2.70
- Add support for SSL client authentication.
- Add Admin Console function. Admin Console can be used to access Xlight service from Remote Desktop in non-console sessions. When not use, Admin Console can be closed safely without affecting Xlight service.
- If Base DN of Active Directory is not empty, authenticated users in the Active Directory must be located under the "Base DN".
- When running as service, there is only one Xlight FTP Server process now.
- Add new option "Use NTFS permission for user's home directory"
- Fix a user's home directory bug in the Active Directory
- Add document about how to use database stored procedures in the Xlight FTP Server
2.60
- Add support for authentication through LDAP Server. LDAP Server can use extended schema xlightFTPdUser for Xlight FTP Server related user settings.
- Add support for Active Directory to use extended schema xlightFTPdUser for Xlight FTP Server related user settings.
- Add support for writing file transfer log to database through ODBC.
- Add support for email notification on some events happened in the Xlight FTP Server.
- Add support UPnP function. It will be easier to configure Xlight FTP Server behind UPnP aware boardband routers.
- Fix some Xlight FTP Server return codes to be RFC959 compliance.
- Fix a bug which in a rare condition may corrupt Xlight FTP Server configuration file.
- Fix a race condition for the LIST command.
- Fix a problem in the service return code.
2.40
- Support for authentication through active directory. User can use the same password of Windows Domain.
- Support for UNC path impersonation, server can access remote network shares easily with different impersonation accounts.
- Support for automatically log file rotation by date
- Support for global IP deny and allow list
- Add new "User Login" action in the advanced log options
- Add ftp commands such as FEAT, MODE,OPTS ext. into the selection list for denying FTP Commands
- UTF8 is turned off by default. UTF8 can be turned on in the "[Virtual Serve Configuration]->[Advanced]->[Encoding]->[Enable UTF8 Encoding]"
2.27
- Support for detecting duplicated xlight instances from inside remote desktop.
- Improve the auto WAN IP detection function.
- Add right button menu for copying selected on screen logs.
- Fix a bug where timestamp in files list for MLSD command is 8 hours late.
2.24
- Support for two new options -"When running as service, show program icon in the taskbar after Windows starts" and "Allow downloading file which is used for writing by another process"
- Fix a bug related to UTF-8.
- Fix several bugs related to UI.
2.2
- Support anti-leech protection. It can prevent ftp links from leeching by unauthorized people
- Support MODE Z function.
- Support UTF-8, UTF-8 can be turned on and off by OPTS UTF8 command.
2.1
- FTP server can generate UNIX xferlog format log, which can be analyzed by many Log Analyzers such as AWStats.
- Support for MLSD/MLST command.
- Support for MDTM to modify file's last write time (If user has the write permission).
- Support for sfv check to create empty folder after each upload to show latest uploaded percentage.
- Change the behavior of Write flag for virtual path permission, file will not allowed to be ovrwrite if Append flag is not chosen.
- Support for column sort under User List window by clicking column header.
- Support for column sort under Detail window. (For performance reason, this sort is manual sort only and only sort at the moment column header is clicked. Because contents of column will keep updating, it may not always sorted)
- Change the time in ftp session log from GMT to local time.
- Quickly edit user or virtual server setting by double click on it.
- Fix a bug of external user database setting dialog, where Password Type "text" can not be saved to configuration file.
2.03
- Fix a bug in user's password when creating a new user.
- Make the way xlight handling tray icon be in consistant with others windows program with tray icon.
- Add a new welcome message variable, %u_conns_per_ip.
2.02
- Fix an IPv6 bug in Windows XP.
- Fix a user registration bug.
- Fix a user interface bug in Windows XP.
2.01
- This is a bug fixing version, fix several bugs in 2.0. Recommend 2.0 users to upgrade.
2.0
- New user interface with better usability.
- Support for GUI remote administration client.
- All configuration changes will take place in real-time, without restarting the server.
- Xlight user interface can be localized into different language easily by modify a text file
- Support for IPv6
- New personal edition which is free but limited to 5 online users
- FTP server will better performance running in machine with multiple cpus or multicore.
- Support for copying user and group.
- Support for IP range with format such as 192.168.1.1- 192.168.1.24, or 192.168.1.1-24.
- Support for user to change "220 server ready" message.
- Add GUI interface for creating self-signed X.509 certificate.
1.65
- Add send and receive socket buffer option, tune socket buffer properly can increase client's download speed in some situations.
- Add three new options - "delete partial uploded", "disable ascii mode" and "NLIST Show Directories".
- Fix a throughtput decrease issue when under very heavy load.
- Fix a bug which may cause problem behind certain firewall.
1.64
- Enhance server's capacity of accepting new ftp connections when it is under very high traffic and has large number of downloading users. This can greatly reduce the happening of "connection refuse", even when many users are hammering busy ftp server with multi-threads download tool such as "flashget".
- Fix two bugs related to user's idle time.
- FTP connection will be closed if user can't login into ftp server within 120 seconds.
1.62a
- Improve user's download speed over WAN links.
1.62
- Fix a GUI bug.
- New ODBC feature to let user define his own SQL statement to replace xlight's internal SQL query statement, this can be used to support advanced database function, such as stored procedure.
- Two new columns "file_allowed_access" and "files_denied_access" is added inside "acct_param_table" of database.
- New "file access control" function.
1.61
- Fix a bug inside user login control.
- Increase user login control to hold up to 16 entries.
- Fix the problem that virtual server bandwidth control and group bandwidth only work on the first NIC card.
- Some changes in ftp server's internal method for utilizing window OS's file cache.
1.60
- Add bandwidth usage record in status panel.
- Add download/upload bandwidth limit options for virtual server and group.
- User can setup seperate idle time from virtual server.
- Add "Only Deny IPs from" option inside user login control.
- Add right mouse pop menu inside virtual server's detail window for showing auto-banned IPs and sending boardcast message to all users.
- Add function to detect "Password Brute Force" attack.
- Add option to setup maximum file size for ftp log and error log.
- If real path related to user's virtual path "/" or Home Path in ODBC database doesn't exist, FTP server will automatically create the non-exist real path when user first login.
- Fix a bug that LAN transfer speed under Windows 2003 can't over 3.2Mb/s.
- Fix a bug that disable virtual server won't take effect immedately.