WS_FTP Server Installation

If upgrading from a previous version of WS_FTP Server, carefully review the Release Notes for your current and target versions.

During installation, a host using the internal WS_FTP Server user database is created. You can create hosts using Microsoft Active Directory, Microsoft Windows, or other external user database types after the install is completed.

Note: Installing WS_FTP Server on a domain controller is not supported.
Note: Certain anti-virus products interfere with PostgreSQL during the install and upgrade process. For more information, see Known Issues 2024.

TLS Hardening on Windows Server

WS_FTP Server relies on the underlying Windows operating system for TLS protocol and cipher suite support for its web components hosted in IIS (Web Admin, AHT and WTM). To ensure secure communication and compliance with security standards, we recommend hardening the default TLS configuration on your Windows Server.

This includes:

  • Disabling legacy protocols such as SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1.
  • Prioritizing strong cipher suites (e.g., AES-GCM) and disabling weak ciphers such as DES, IDEA, and 64-bit block ciphers vulnerable to SWEET32.
  • Enforcing the use of TLS 1.2 or TLS 1.3.

For detailed guidance, refer to the Microsoft documentation:🔗 Manage Transport Layer Security (TLS) in Windows

Important: These TLS settings affect only the IIS-hosted components of WS_FTP Server, including the Ad Hoc Transfer Module, WS_FTP Server Manager (Admin interface), and Web Transfer Module (ThinClient). The FTP(S) and SFTP services use separate protocol engines and are not impacted by Windows TLS configuration.
Note: The TLS settings are managed at the OS level and are not controlled by WS_FTP Server.