SFTP - This uses a SSH connection to perform file transfers. Public / private key authentication can be allowed or password-less logins. SFTP is not well suited for high latency connections though. Almost any SFTP client is supported.
SCP - Secure copy also uses SSH, but is meant for pushing a single file transfer as fast as possible. Its not well suited for directories, or for downloading if you don't know the exact file name already. Almost any SCP client is supported.
HTTPS - Complete secure file transfer access entirely from a web browser.
No third party tools needed. See below for more information on the WebInterface.
WebDAV SSL - It uses a HTTPS connection, but communicates using the XML WebDAV interface. OS X and Windows have native support for WebDAV built in
FTPS - Both FTP over SSL Explicit mode (FTPES), and FTP over SSL Implicit mode are supported. Support for Clear Command Channel (CCC), and client auth certificates. MODE Z and other enhanced FTP commands such as support for IPv6 is also supported.
SSH Tunnel - The SSH server in CrushFTP allows for SSH tunneling with limitations on what locations and ports a user can reach.
The WebInterface is a rich interface allowing for stunning visual displays of its files. Images, PDFs, Documents can all have previews of their contents generated into thumbnails that the user will see at a glance in the WebInterface. You can allow the user to view these thumbnails in large forms for slideshows, or quick previews. Movies can be handled also. Still frames are generated automatically from the movie so you can get a quick overview of the movie as your mouse hovers over the icon. You can also allow users to play movies directly from the WebInterface.
Custom Web Forms
The WebInterface allows you to specify custom forms for welcoming a user on their first visit to your site (such as acceptance of a legal disclaimer), or for asking for additional information about uploads. This data can be further processed in email notifications, or written to XML files using a CrushTask as an event in the user's setting in the user manager.
Event actions that are user customizable. They can generate emails with a list of uploads a user just made, or many various other tasks. You can customize events down to extreme detail. Events can be used to run various plugins which then perform other tasks as well (such as the CrushTask plugin.)
There are many different reports CrushFTP comes with to monitor what your servers is doing as well as the activities of your users. It really allows you to know what is going on without trying to read through log files and pieces everything together. You can see summary views of many different areas about the server, as well as details such as what IP's a user has been connecting from (are they sharing their account?). Additionally the scheduling interface allows you to have CrushFTP run the reports on a pre-defined schedule however you configure them. This means you can have an HTML report always ready and waiting for you every morning for example. The schedule is very customizable and very easy to setup.
Server Dashboard, Monitor, and Graphs
Everything is done from a web browser. You can login from anywhere you can reach your server with a web browser, and administrate it. Creating users, changing preferences, running reports, configuring plugins, etc. A high end WebInterface controls everything and it can be branded and skinned to fit into your comapny's web styles. Realtime graphs are being displayed as metrics on the server are changing. When you connect, you can see the history of the prior 5 minutes of activity.
Delegated / Limited Admin Roles
The server adminsitrator can delegate and grant administration access to end users in a limited way. You can allow a user to see the user manager or edit users, see the server prefs or edit them, see jobs, or edit them, and so on. You can also make a limited admin who has access to a subset of users and that is all they see and can work with. They are walled off into their own limited adminsitration area.
In-stream Data Alterations
Files that are being uploaded have the ability to be getting unzipped as they are being received, decrypted via PGP, and even encrypted via PGP all before they ever get written to disk. Further, since you can use a FTP / SFTP / HTTP(s) server as the back end, you may never even be writing them to a local disk.
CrushSync - Real-time File Replication and Synchronization
(Enterprise licenses only.)
This provides real time file synchronizations through CrushFTP. The client runs on the local machine monitoring the specified folders. When a change is detected, the change is propagated to the CrushFTP server, and any other clients subscribed to that folder now get those same changes. Only the changed parts of large files are sent, compression is used to save on bandwidth, and bandwidth acceleration can be used as well. Client configurations can be pre-configured for deployment, and an advanced mode allows clients to encrypt the data at the client side so that the server can never access the raw data. Only clients that have the private key can. This allows for robust one way synchronizations where a client places a file in the folder, and its sent to the server encrypted, and downloaded and decrypted by other privileged clients. The client is launched as an automatically updating application over a web connection. You as the server administrator control when you want to update the application for end users.
CrushTunnel and Bandwidth Acceleration
CrushTunnel allows for a robust system of running other connections inside of a HTTP(s) connection. For example you can run an insecure FTP connection inside a HTTPS tunnel to its destination keeping everything secure. If there are any network interruptions, thats fine too as the tunnel ensures the "internal" connections are not interrupted. The tunnel can gracefully recover from lost packets, and disconnections. The tunnel also provides bandwidth acceleration for enterprise licenses so that the single connections gets divided up into many connections delivering the data in parallel to the other side where its reassembled in order and delivered to the real destination it was intended for. This method works with streams of data, and not actual files, so its not specific to files. Any TCP connection that pushes data as fast as possible without doing internal verification of received amounts can be accelerated.
CrushFTPDrive - OS Network Drive for The Server
(Enterprise licenses only.)
It lets you connect to the CrushFTP server as a normal server drive on your machine. So on OS X this will be a network drive on your desktop, and for Windows this will be a M: drive, or other letter of your choosing. From there on, it acts like a network volume. You can copy files to and from it, edit and work on files directly on it, etc. Its not using WebDAV, and its built in caching system makes many common network operations very fast as it doesn't need to keep asking the server for information again and again. Behind the scenes, it looks like a SMB/CIFS server item to the OS, but its actually talking to the CrushFTP server entirely over HTTP(s). The client is deployed through a single click download link on the WebInterface, and it can be branded for its logo, and application name. Its localizable too with all strings being editable. Windows users need to install the included 'helper' service to work around OS limitations, but its a one time operation. The client is self updating every time its launched. You can reach Gigabit speeds through it on a LAN, and on latent networks, the CrushTunnel integrates with it to provide faster full network speed copies even for a drive that is half way around the world. CrushFTPDrive is much faster than WebDAV, and it provides a real network mapping in Windows instead of the 'shortcut' mapping. Identical features on OS X or windows.
High Availability Transfers
(Enterprise licenses only.)
File transfers that are going through CrushFTP to another server, and not necessarily to a disk can be configured to be HA. This means that in the event of a network interruption to where CrushFTP is delivering data to, CrushFTP will pause, and attempt to re-establish the connection, find the file size, and continue sending from where it left off. The real client connected to CrushFTP may see a slight stall while this happens, but their transfer will continue uninterrupted. This allows for a load balancer to balance connections between internal servers allowing for one to be rebooted, and CrushFTP would automatically resume all transfers on the alternate server. It keeps you from having any perceivable down time to your end users.
Job Scheduling and Monitoring
(Enterprise licenses only.)
Jobs can be configured to run at specified times. Jobs consist of CrushTask configurations that do various actions. These might be file polling operations, file archiving, encryption, zip, email attachment polling, etc. Any CrushTask action can be done and chained together. The task designer shows in realtime as the tasks are run. You can see the items each task item is working on, and view direct realtime logs of the task oeprations as well.
Active Log Viewer
The built in log viewer handles realtime log viewing of server logs. It handles any sized log file, allows multiple item filtering, and multiple color highliting. This can prove invaluable when searching or debugging a situation. It can also handle other log files on the server unrelated to CrushFTP allowing for additional server monitoring by full administrators.
Browsers that support HTML5 movies can stream compatible formats and move to any point in the file without the need to download the entire movie. The preview is built into the CrushFTP interface and can be utilized in slideshow mode as well.
User settings and virtual file system access can all be stored in SQL tables. This allows for multiple CrushFTP servers to share the common user database, and for you to manage these user accounts externally from CrushFTP.
You can build your private key certificate, the certificate request (CSR) you send to your certificate authority, and import the reply back into the server, all from the WebInterface. Its meant to be extremely easy for users to handle the SSL process which can be very confusing.
Pressing the keys 'alt-f' or 'option-f' will open a quick find panel in the user manager. This can be used to quickly find and open a user, or to find a particular setting. Think of it as a global way to search for anything in the user manager.
There are many plugins to choose from, and third parties can even develop their own. Plugins can have multiple configurations, so that you can expand their functionality even further. Some plugins apply only for authentication, while other apply for post processing of files, or automated tasks.
- AutoUnzip - post processes files and unzips their contents
- ContentBlocker - prevents uploads of files that don't have appropriate file extensions
- CrushLDAPGroup - allows authentication against an LDAP server (MS Active Directory, OpenLDAP, etc) including role verification
- CrushNoIP - keeps a dynamic DNS name updated with your current IP
- CrushTask - extremely powerful plugin covering many areas
- AS2 - find and send files outgoing validating MDNs
- Copy - take a list of files and copy to a local or remote location
- Tunnel - Specifically start and stop a tunnel port for other tasks to use
- Delete - take a list of files and delete from a local or remote location
- Email - send a SMTP email message with info about the list fo files
- Execute - run an external OS process to handle the list of files
- Exclude - remove some files from the list that is being processed
- FileParser - Read in a fixed width file as records for usage in other tasks
- Find - search a location building a list of files found
- FindCache - Cache prior file listings to compare to in the future
- Jump - conditionally jump to other task items
- HTTP - issue HTTP POST/GET comamnds with information about the files
- MakeDirectory - make a new folder
- Move - take a list of files and move to a local or remote location
- PGP - encrypt, or decrypt the list of files using PGP
- PopImap - scan an email server looking for attachments and download them
- Preview - force thumbnail creation on a list of files
- Rename - change the name of the list of files
- UsersList - iterate through a list of users calling other task actions with each user
- Unzip - decompress a zip file
- Wait - delay processing for some time, or wait for multithreaded tasks to finish
- WriteFile - build a file, or insert data into a file (such as XML) with the file info
- Zip - compress the files into a zip file
- DuplicateBlocker - checks to see if this same named item has been previously uploaded
- HomeDirectory - automatically make home folders and assign access
- MagicDirectory - simple user creation that is based on folder names where the folder is also their home
- PreferencesController - automatically assign alternate configurations to the server at different times
- Radius - allows authentication against a radius server
- ReverseSocket - force conenctions when in proxy mode to be initiated from the internal server
- WebApplication - dynamically create virtual users based on responses from another web service call
Users have events, and the server has alerts. Alerts are global actions that the server is monitoring for and then alerting you to their occurrence. This may be a user reaching their quota, or a user getting banned, a drive running low on free space, etc. Alerts are a global way for you to find out about issues that may affect the server's operations.
CrushFTP is always monitoring patterns of connections, and actions users are taking. If it detects a user being abusive based on these parameters, it can ban their IP permanently or for a period of time. It easily weeds out the robots scanning public servers by detecting common user name hammering on users like 'root', 'admin', 'mysql', etc. It promptly bans the IP for even one attempt as such an action. Additonal protection will protect you from DDoS attacks as well.
The folder monitor can scan sub-directories looking for files that have reached a certain age, and then process them in various ways. This can include deleting, archiving, or running a CrushTask to do even more complex things with no limit to what could be done. Its primarily used for cleanup purposes.
Zip on the fly, Zip Opening, and Zip/Unzip
A user can request a folder as a .zip instead of downloading each file individually. Saves bandwidth and time! The folder isn't first created to a .zip file, but its streamed to the user as CrushFTP generates the .ZIP content. No third party applications needed! With the WebInterface the user can select individual, or groups of files to have donwloaded as a single .zip file. They can also right click and go inside of a zip file to download individual items, or multiple items right from inside of a zip. You can also allow them to right click and unzip a file, or zip some items, all handled server side without them needing to download and re-upload the files.
CrushFTP's web port can be configured as a reverse proxy for a backend server, forwarding the entire domain to that server. This allows CrushFTP to handle the encryption, and block abusive DOS attacks while protecting your internal server.
Proxy / Protocol Converter
There are many different names to describe the functionality, but basically its connections coming to CrushFTP, and then CrushFTP making secondary connections to other servers based on the original request. What is important to note here is that the real user can't dictate how the internal request is made, they can only request the download of a file, and then CrushFTP starts that download using whatever protocol you bave configured between it and the internal server. As data is received, its streamed to the real user. Data is never stored locally, its always being streamed.
This process also allows for you to present a SFTP, HTTPS, and FTPES server to users while only having a back end legacy FTP server. You get instant securing, and numerous features your internal server could never provide, and you had to do almost nothing at all to get those features.
DMZ(Enterprise licenses only.)
This allows you to have a server running in your DMZ that is controlled by an internal master server. No ports need to be opened incoming to your network as the internal server is always making outgoing connections to the DMZ. A single internal server can have many DMZ servers it controls, and DMZ servers can be controlled by multiple internal servers allowing for a grid connection scenario so that you have redundancy.
The interface allows you to test your server from the outside, simulating the minimum requirements for the protocol to verify your ports are properly mapped on your router / firewall. It can detect many common situations, and suggest the appropriate fix. It detects when the wrong protocol is used, port is mapped to the wrong place, a firewall simply blocked the connection, and more.
Groups and Inheritance
Users can inherit settings from the group they belong to (default), or they can be set to inherit an individual setting from any other user or group. Inheritance can be layered so that each higher layer overrides values from the lower layer allowing you to combine inheritance in complex scenarios.
This includes SSL WebDAV serving as well. This means you can mount your CrushFTP server directly in the Finder as another drive and work off of it. The finder supports download only for FTP, but supports everything for WebDAV!
You have full control to customize the web interface. You can customize the colors, fonts, logos, etc. Additionally using jQuery, you can further manipulate and customize the WebInterface in infinite possibilities.
Users can upload files and folders using the built in uploader. There is a download basket where users can collect files to download, then download them all at once with one click. It has sorting, searching, and filtering built into it too. You can right click on an item, and share it with someone over email all from the WebInterface. The temp link created will automatically expire too. A slideshow can easily showcase images right from the browser.
The integrated "Advanced Mode" allows for automatic resumes of uploads, and can utilize compressions to further accelerate uploads.
You can allow users in the WebInterface to share items. This creates unique temporary links that can be automatically emailed out. The user who shared the item can manage the shares and monitor the usage of the items they have shared. Enterprise licenses allow for additional sharing where the user can creates shares between other CrushFTP users. So if a user has access to a folder, they can share that item with another user.
Why should a change in OS keep you from running the same server? CrushFTP supports nearly every current OS. If you can run Java 1.5 or better, then you can run CrushFTP. (MacOS X, Windows, Linux, Unix, BSD, Solaris, etc.)
While CrushFTP is not a traditional AS2 styled server that focuses on B2B operations, it can be used to accept AS2 files and send out MDN responses. You can configure CrushTask to send AS2 outgoing requests as well, or proxy data through CrushFTP as an outgoing AS2 send. CrushFTP is primarily a file transfer server, and treats AS2 transfers as just another way to send a file's contents.
- Multihoming support. Virtual servers for multiple IP's, or multiple ports on an IP, or both.
- Resume supported on download and uploads.
- Directory permissions per directory. All directories can have different read/write/view/delete/resume/rename/make dir permissions/etc.
- File permissions per file. All files can have different read/write/view/delete/resume/rename/etc.
- Directory quotas. Every directory can have a quota applied to it, or inherit from the parent directory.
- Virtual Directory support on any platform. Design your own directory structure for a user when they log in.
- Bandwidth limits on uploads per [user/group/server].
- Bandwidth limits on downloads per [user/group/server].
- Idle timeout for auto-disconnect per [user/group].
- Maximum login time allowed per [user/group].
- Maximum simultaneous logins allowed per [user/group].
- Maximum logins per IP for a [user/group]. (e.g. 100 anonymous logins, but only 2 from the same IP)
- Allow/Deny IP restrictions for logins per [user/group/server]. Supports IP ranges for deny and allow.
- Max download amount per [user/group] for each login session. (e.g. after 10mb's the user cannot download till they logout and then login again)
- Day of week restrictions per [user/group/server] (e.g. Sun, Mon, Tues, etc.)
- Time of day restrictions per [user/group/server] (e.g. login between 10 a.m. and 11 a.m. and between 4 p.m. to 10 p.m.)
- Group inheriting for users, along with ability to override any part of a group setting for a particular user.
- Monitoring connected users. See their log, current dir, bytes sent/received, transfers speeds, login time, login IP, and estimated time left for a transfer.
- Download ratio per [user/group]. Both can be temporary per session login or permanent.
- Incredible server statistics, such as last login date, time, IP, current total server bandwidth usage (bytes in/out), files downloaded/uploaded, graphs for bandwidth utilization, etc.
- Customizable logging options allow you to control what gets logged to disk.
- Filtering of filenames for uploads, downloads, lists, and renames.
- Hammering protection that will ban a user.
- Users behind a router/firewall can have CrushFTP auto discover their real IP.
- Log rolling allows logs to automatically be archived, or deleted.