CrushFTP Bugfixing

Recently I had the opportunity to work with managed file transfer software called CrushFTP. Although the client already had a CrushFTP server set up, I had the opportunity to install a new server with the latest, brand new version. Additionally, due to the low-risk environment, it was possible to opt for weekly updates to keep the functionality and security current.

As always with newer software, you run the risk that there are a few issues that haven’t been ironed out yet. We discovered an issue after a routine update, where users logging in sometimes were unable to upload files as expected.

Our set-up utilises two servers. One server is placed in the internal network and handles all the files and authentication and other processes. This can be considered the brains of the setup. The second server sits in our DMZ, used to mediate the communication with external parties. This server ensures the internal network can’t be compromised.

A little troubleshooting identified the DMZ server to be the issue. At this point we contacted CrushFTP support; they identified an issue when the DMZ was used in combination with LDAP integration (a user-management system). Our production servers postponed the update in order to avoid further issues.

CrushFTP soon released a fix, so we were able to apply both the original and bugfixing updates simultaneously.

A second issue was also handled similarly. Some of the interfaces allow users to upload files, but not to download anything from that folder (or even to see the contents). An update caused folders with these specific permissions to become invisible. Once again we were able to postpone the update from the production servers until a fix was provided.

Production impact: None.

Update _26 and _42 fixed the issues identified in the testing environment
blogger

blogger

Curious to know more about this topic?

Working at i8c

i8c is a system integrator that strives for an informal atmosphere between its employees, who have an average age of approx 30 years old. We invest a lot of effort in the professional development of each individual, through a direct connection between the consultants and the management (no multiple layers of middle management). We are based in Kontich, near Antwerp, but our customers are mainly located in the triangle Ghent-Antwerp-Brussels and belong to the top 500 companies in Belgium (Securex, Electrabel, UCB, etc…).

Quality Assurance

i8c is committed to delivering quality services and providing customer satisfaction. That’s why we invested in the introduction of a Quality Management System, which resulted in our ISO9001:2000 certification. This guarantees that we will meet your expectations, as a reliable, efficient and mature partner for your SOA & integration projects.

i8c - ISO9001-2015

Also worth reading

AWS AppFlow: Streamlining SaaS Integrations with AWS Services

In today’s digital world, organizations are constantly looking for ways to streamline their workflows and improve their data management processes. One of the key challenges that organizations face is integrating their various software as a service (SaaS) applications with their data management systems. This is

Read More »

Apigee Scope Validation using OpenAPI Specification

In API security and management, we often use a lot of different security mechanisms to protect the requested resource behind the API Gateway. One of these mechanisms is the validation of scopes to authorize a client on a specific sub-resource of the API. Most of

Read More »