The following issues were fixed in WS_FTP Server 2024.0 (9.0).

ID

Category

Fixed Issue

5755, 6074

Web Admin

Imported user keys are saved as the correct key-type.

5864

Web Admin

Virtual folder names are validated during creation.

5920

Web Admin

Bandwidth rules are applied correctly to all groups.

6010

Web Admin

Consecutively setting permissions to multiple virtual folders correctly assigns permissions to users.

6324

Web Admin

The maximum length of a virtual folder name is 248 characters.

12209

Documentation

Links to online documentation were updated.

17424

Server

Host administrators can apply rules to other host administrators or other users with lower privileges such as regular users and anonymous users. They cannot apply rules to system administrators.

19482

Installer

Users can successfully log in to the Web Transfer Module when the Ad Hoc Transfer module is not installed.

19492

Web Transfer Module

Settings are respected in the Web Transfer Module.

19504

Ad Hoc Transfer, Web Admin

The password protection policy configured in the Web Admin cannot be altered by the Ad Hoc Transfer module.

19525

Command Line Utility

The DB backup bat files works as expected.

21446

Web Admin

A Content Security Policy (CSP) is configured for WS_FTP Server Web Admin.

21447

Server

HTTP Strict-Transport-Security (HSTS) is enabled in WS_FTP Server.

21837

Web Admin

Log entries that occur close to midnight are visible in the log viewer.

21863

Web Admin

Group bandwidth limits are respected.

21936

Server

After editing and saving an Ad Hoc Transfer bandwidth limit name, users are directed to the list of limits.

22008

Installer

The patch version number is now displayed on the Review Modules window during upgrades.

22110

Web Admin

You can manage Progress CleanerService from the WS_FTP Server services menu.

22112

Server

The folder permissions Select/Deselect All check box, selects or clears all of the permissions options..

22245

Web Transfer Module

Anti-cross-site request forgery (CSRF) tokens are applied to login pages.

22277

FTP, FTPS

WS_FTP Server supports the TLS 1.2 and TLS 1.3 protocol. The outdated SSL3, TLS 1.0 and TLS 1.1 are not supported.

22534

Web Admin

The user lockout notification variable includes the username rather than the IP address.

22869

Server, Security

Users can authenticate with an OpenSSH generated RSA 3072 key containing comments.

22876

Server

The date and month with MSSQL DB are now resilient to system locale settings.

22913

Web Admin

Removing user/group from the Virtual Folder permissions list without selection results in the correct error message.

22931

Server, Database

The PostgreSQL version was updated to prevent a potential vulnerability.

22932

Web Admin

Users are not duplicated when there are two or more users on the Create Quota Limit Rule window.

22951

Server

API documentation was removed from production environments.

22952

Server

Ad-hoc client no longer discloses the internal network hostname.

25172

Web Admin

The UI Next button works as expected.

25241

Web Admin

A create listener error message was updated to provide improved guidance.

25263

Web Transfer Module

To reset two-factor authentication (2FA) or perform any operations, you must log on with a valid 2FA code.

25275

Web Admin

Log files can be imported to excel.

25277

Web Admin

SSL certificates can be deleted.

25279

Server

The correct order of tables are created during migration from PostgreSQL to MS SQL database using dbconfig.exe.

25317

Web Transfer Module

If a user's web transfer module password expires, they can log on but must change their password to continue.

6329, 26184

Security

The Open SSL version was updated to prevent potential vulnerabilities, including CVE-2024-5535, CVE-2021-23840, and CVE-2019-1551.