At line 1 removed 22 lines |
__Q: How can I enable AES256 encryption, or higher encryption for SSL, SSH, PGP, and keystores?__ |
|
A: The policy files must be downloaded manually and installed in your Java lib/security folder replacing the old files. (DO NOT KEEP THE OLD FILES) |
|
Java6: [http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html] \\ |
Java7: [http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html] \\ |
Java8: [http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html] \\ |
|
You may also search google for: 'java unlimited cryptography policy files' |
|
OS X Java 6 install location: /System/Library/Frameworks/JavaVM.framework/Versions/CurrentJDK/Home/lib/security/ \\ |
OS X Java 7 install location: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/ \\ |
OS X Java 8 install location: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/ \\ |
|
Windows install location: C:\Program Files\Java\jre6\lib\security\ or C:\Program Files\Java\jre7\lib\security\ or C:\Program Files\Java\jre8\lib\security\ |
|
CrushFTP must be restarted after making this change. (The service or daemon.) |
|
Once this has been done, edit the cipher list in the server prefs SSH port item, SSH tab to duplicate the AES128 ciphers and replace the 128 with 256. Your Encryption, SSL tab items will automatically include the new items. Stronger key and keystore files will now work properly too. |
|
---- |
|
At line 30 changed 3 lines |
Chrome - no limitations\\ |
FireFox - can't upload folders unless using advanced mode\\ |
IE - Only handles drag and drop starting with IE11. IE is slow in all operations due to its poor rendering speed on javascript. Chrome is *much* faster in many areas.\\ |
Chrome - no longer supports java, but does handle file/folder uploads natively\\ |
FireFox - c32bit supports java, 64bit does not. So 32bit can sue the java applet for folder uploads, 64bit cannot. Natively it can upload files though.\\ |
IE - Only handles drag and drop starting with IE11. IE is slow in all operations due to its poor rendering speed on javascript. Chrome is *much* faster in many areas. But IE can still run Java applets.\\ |
At line 35 changed 3 lines |
Chrome - Cannot do advanced mode since Google hasn't bothered updating Chrome to be 64 bit, and Java on OSX is only 64bit.\\ |
FireFox - No drag and drop to the advanced mode applet. Apple/Oracle block all DND operations to Java applets in the browser.\\ |
Safari - No drag and drop to the advanced mode applet. Apple/Oracle block all DND operations to Java applets in the browser.\\ |
Chrome - No longer supports Java, but it natively can handle folders.\\ |
Safari / FireFox - No drag and drop to the advanced mode applet. Apple/Oracle block all DND operations to Java applets in the browser. It can support file uploads though.\\ |
At line 39 changed one line |
In all browsers, resume is only supported if using advanced mode as browsers lack resume capabilities. |
Resume is supported in the advanced mode, as well as the HTML5 upload mode Chrome, and Edge support. |
At line 44 changed one line |
A: [SSL] Background:\\ |
A: [SSLCerts] Background:\\ |
At line 31 added one line |
---- |
At line 33 added 7 lines |
__Q: Is CrushFTP HIPPA certified?__ |
|
A: CrushFTP is not HIPPA compliant by default, but can be 'hardened' in a few simple steps, to be HIPPAA compliant. Practically, we need to use latest Java with JCE policy files installed then remove the plain HTTP ports, set enforce FTP to FTPES or use FTPS, disable all insecure SSL cyphers, possibly set <fips140>false</fips140> to true in the main config file, prefs.XML. That and paired with on premises hosting will make crush HIPPAA compliant ( actually we have quite a large number of customers from within healthcare environments). Please see our related docs, let us know if need further info |
|
[Hardening]\\ |
[JCEInstall]\\ |
[SSLCerts]\\ |
At line 41 added one line |
|
At line 100 added 14 lines |
__Q: How can I set the cookie notification?__ |
|
A: You can go to the CrushFTP WebInterface Localizations folder and edit the en.js and update the fields below: |
|
CookiePolicyNotificationText : "We use cookies on this site to facilitate your ability to login for technical reasons.", |
CookiePolicyLinkText : "Cookie Policy", |
CookiePolicyAcceptButtonText : "Accept", |
CookiePolicyDismissButtonText : "Dismiss |
|
In case want to disable this notification, can use this snippet on Prefernces->Webinterface->Custom javascript field |
|
window.dontShowCookieNotification = true; |
---- |
|
At line 151 added 2 lines |
net stop http /y |
net start w3svc |
At line 154 added 3 lines |
\\ |
\\ |
For old servers, use this: Download and install the Windows Server 2003 Support Tools |
At line 153 removed 3 lines |
(old method)\\ |
Download and install the Windows Server 2003 Support Tools |
|
At line 166 added one line |
__Q: How do you stop Apache on OSX to bind to ports that are used by CrushFTP ?__ |
At line 168 added 6 lines |
A: Try and run the following command from terminal: |
sudo launchctl unload -w /System/Library/LaunchDaemons/org.apache.httpd.plist |
|
|
---- |
|
At line 184 changed one line |
sudo launchctl remove /System/Library/LaunchDaemons/org.apache.httpd.plist |
sudo launchctl remove /System/Library/LaunchDaemons/org.apache.httpd.plist\\ |
\\ |
For OSX 10.11+:\\ |
{{{ |
sudo launchctl unload -w /Applications/Server.app/Contents/ServerRoot/System/Library/LaunchDaemons/com.apple.serviceproxy.plist |
}}} |