CrushFTP Support Forums
  [Search] Search   [Recent Topics] Recent Topics   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [Groups] Back to home page 
[Register] Register / 
[Login] Login 
Messages posted by: spinkb
Forum Index » Profile for spinkb » Messages posted by spinkb
Author Message
Email us directly at support and provide a screenshot of your port listing in the prefs so we can see how they are ordered.

Thanks,
Ben
Latest build now corrects this issue.

Thanks,
Ben
"PASS" as in the command for "PASSword". Its a carryover from FTP. They didn't pass the password phase...so they didn't succeed.

Thanks,
Ben
Why do you think they were successful? They were connected, and trying to guess at passwords maybe, so CrushFTP shows the surname they are trying. That doesn't means they succeeded in anything other than eventually getting themselves banned.

Look at the user info tab, click on a session, see what their log has. Does it show the login succeeding or being denied?

If they aren't even using a correct username, they can never be successful. If they try too many times and exceed your banning rule, their IP is banned and no further attempts can be tried.

Thanks,
Ben
If you use a domain that starts with "ftp" and you don't specify a protocol when typing in the DNS name, the browser will assume FTP.

So...since your using a DNS name like that, you have to type "http://" in front of the DNS.

Thanks,
Ben
In their VFS, they would be inside their home folder if that is their email or whatever.

So you could send out hard coded emails like this:

http://results.domain.com/?u={1path}

http://results.domain.com/?u={2path}

Or whatever part of a path from your own user that was used the email is their username.

So in your account, if you uploaded in /uploads/user@domain.com/file.txt then that would be {2path} to get the 2nd segment of that full path. Adding it on the URL you sent them just causes the login.html page to pre-fill the username for them as a convenience, but its not necessary.

But since every user has their own VFS, you can't simulate a full link into their account unless you have a matching folder structure for them as well.

Thanks,
Ben
Its been too long since I wrote those instructions. :)

The way OSX is setup to separate apps into app containers, you kind of need to do separate plist file definitions. All could be in the file, that is up to you, and not do an include.

The instructions we have are not a secret method to make CrushFTP work. We had to figure rout Apple's convoluted system of adding a reverse proxy in newer versions of the OS, and this is what we came up with as being the easiest way we could figure out...which we still aren't big fans of. But its all we figured out.

So if you have a different way you want to do reverse proxy that works, by all means do it. Any way that accomplishes the goal of reverse proxy is absolutely fine.

Thanks,
Ben
If you reverse proxy an entire domain, then you change nothing in CrushFTP.

If you do a sub dir, then you must tell CrushFTP the subdir in the reverse proxy config.

I see nowhere in our guide where we tell you to point apache to that plist. We tell you to copy it out...

Thanks,
Ben
On our side...this works fine for a zip download or normal download for the event.

What is logged? It should log references about adding to the events when you download.

Also update to 7.1.0_150+ in case its something we fixed between whatever your on.

Thanks,
Ben
The prior issue was related to the DB if I remember right.

Regardless of how the download is done, zip or individually, it is being tracked...

Check the reports. They will show it was tracked.

Your saying just the manage shares listing of download tracking is the only thing not showing this?
That file is just a template file for you to use and install into apache. CrushFTP won't ever be changing that file for any reason.

You just need to follow the guide on the wiki page for configuring reverse proxy in apache.

The config your making in CrushFTP settings is for CrushFTP, and is unrelated. Follow the guide carefully.

http://www.crushftp.com/crush7wiki/Wiki.jsp?page=Reverse%20Proxy%20Apache

Thanks,
Ben
Not in any way.

Thanks,
Ben
If you have an enterprise license, you can do this in a Jump task item. It allows for conditional logic.

So if some var equals this, do this, else this...and you could have completely different email task items it executes.

But no conditional logic in the normal version of the software.

Thanks,
Ben
we handle BCRYPT: MD5CRYPT: CRYPT3: But only those...

Thanks,
Ben
Email us directly at support for access info so we can test further.

--Ben
First, update your CrushFTP by clicking update now to move to 7.1.0_149+.

Then see if you still have issues.

Let me know,
Ben
Very first thing to try is to update to v6.5. There may have been a bug related to this...and your a ways out of date.

So update first and see if the issue remains.

Let me know,
Ben
Its a known bug...work around is using enter key to go into the folder.

We are trying to replicate to figure out a fix. Doesn't affect us all the time.

Thanks,
Ben
What version of CrushFTP is this?

Is your windows version using english localization?

This is definitely not a known limitations and we work with all UTF8 chars, dealt with japanese characters just today.

Let me know,
Ben
Then you are *very* out of date. 1.5 years of changes in CrushFTP is a significant amount. You might be exposed to exploits too staying on an old version, things we have fixed, things we have updated, etc. There isn't anything known...but staying on an old version is not a good method for security.

v7 has a majorly improved "Jobs" system. This along would improve what your doing, allowing you to see details as the job runs, etc. v6 had our first pass at making a job scheduler. v7 drastically improved on that system.

I can't stress enough...plan to upgrade to v7 as soon as you can...especially since your using Jobs. At the very least, move to v6.5. Its a one button press and it auto updates and restarts CrushFTP update. Most people can do this in under 1 to 2 minutes.

Thanks,
Ben
We aren't aware of any test and run job issues...so this must have been fixed at some point in the past. I don't know your current version your using though.

But as you mentioned in the other email, first clearing the target location before writing to it is the easiest solution to implement without updating.

Thanks,
Ben
Please update now to get 7.1.0_146. Then try this again.

Let me know,
Ben
Update now to get the latest build which fixes this.

Thanks,
Ben
There is no apache. CrushFTP is a complete server, doesn't rely on anything else.

That is the file, login.html. CrushFTP dynamically alters it slightly as it serves it out to web browsers so that options can be adjusted according to the prefs. Think of it like 1% template file. The rest is taken literally.

Thanks,
Ben
Make a user in the user manager called "the_special". Give "the_special" access to the additional folders.

Now in the plugin, specify for the role "cn=Specials,ou=Development,dc=domain.dc=com" to reference "the_special".

Thanks,
Ben
Create a group for him in AD.

Configure that group in the plugin to be tied to a User Manager template account. Give access in that template account to the specified folders.

Anyone who logs in who is a member of that AD role, now gets those folders (him).

Thanks,
Ben
I really think cookies are being lost.

Or...maybe your OS localization is not English? I've seen an issue there once too for Turkish...

A chrome debug session watching the network tab and looking at the calls for everything except css, js, and images would be helpful to. Email us directly and we can do a screen sharing session to debug.

Thanks,
Ben
We'll have a new build of v7 tomorrow to address this. It will give you an option on your encrypt task to add the hinted file size to the encrypted archive. Its a new checkbox in the task.

Thanks,
Ben
Append {name} on the end of the URL so it knows to copy the filename there.

smb://...................../path/{name}

Thanks,
Ben
In your example, your SMB Url has an issue...so it couldn't connect properly.

Robocopy is connecting to what? A UNC path with credentials?
Use copy, and specify a destination using SMB not a UNC path which has no credentials. The SMB URL has credentials. But ideally...in DMZ mode, the DMZ server doesn't hold files, everything rests on the internal server and jobs all run internally...

Thanks,
Ben
These are the columns.

user{tab}pass{tab}/home/folder/{tab}(read)(write)(delete)(view)(resume)...{tab}email{tab}first_name{tab}last_name{tab}group{tab}notes


Thanks,
Ben
Is the file being encrypted by CrushTask?

Not a prior file...but a newly encrypted by CrushTask file. That still has an issue?
I assume this is resolved now with the emails to support. Let me know if not.

Thanks,
Ben
Errors in the CrushFTP log before it crashes?
Pretty sure its a simple fix...upgrade to v7.

The issue is crush task in v6 didn't write the file size into the header of the encrypted file. So IE doesn't like the download of an unknown size.

You need to upgrade anyway regardless...but now you have and excuse.

Thanks,
Ben
Have a drop-down that has a name ending with "_cascade". Now the drop-down's elements when chosen will effect the other elements later on in your overall from.


So, let’s say you have a drop-down called “order_form_cascade” and then create three options within that drop-down called, “poster”, “photo_prints”, and “generic”.


Then the following from elements have names like below:

item1_poster
item2_poster
item3_poster
item4_poster
Item5 <----is always shown since it has no matching tag on the end of it.
item6_photo_prints
item7_photo_prints
item8_generic
item9_generic
item10_generic
etc.

Its the end of the form element name that tags it to be hidden with the cascade functionality.

--Ben
Yes, using VFS collisions.

Click the + to add another extra vfs above the VFS area.

If the user's home is "bob"...then add a virtual folder called "bob". Then inside that virtual folder, add another real item.

Now when the user logs in, the /bob/ path that they start in will be a combined listing of items.

We suggest using something more generic like "home" to make the collisions easier to do.

Thanks,
Ben
A single form can be dynamically changed based on a drop down...so the entire form can change based on the selection.

Would that work?
No...you have to specify the folders. But you can specify a lower folder so it gets all user home locations...
The current build is 7.1.0_131+.

Click update now to be updated, or the download on the web page is *always* the latest, so _35 is an old build already by now.

So update now to get a new build.

Thanks,
Ben
Sorry I missed the reply here, but got your direct email. Glad you have it now.

Thanks,
Ben
I'll document this here for other people as well as its good for people to understand the whole process.

Every single SSL app uses the same sort of structure for SSL. So every SSL server's certs are interchangeable, they just sometimes package them in different ways that have other benefits.

The process:
Before anything, a private key is created that has the "CN" attribute referencing your domain name. CN=common name. There is a bunch of other "fluff" that describes you as the company too, but the single critical element is the CN. From a private key, you can generate the (C)ertificate (S)ighning (R)equest. This describes your private key in such a way that a certificate authority (CA) can vouch that you are who you say you are, and they sign the CSR and sent you the cert (CRT) file (also known as the CA reply file). This CRT is worthless without the private key. It literally points back at that specific key's unique signature, and is 100% worthless without that private key. So that is the entire process.

Now all cert authorities also do a little more in-between...they don't sign your cert with their own super super super secret CA key, they instead sign with an intermediate certificate. The structure is something like this:

CA key (super super super secret)
CA root (signed by their super super super secret)
CA intermediate (signed by their root)
your key (signed by their intermediate)

Everyone in the world trusts the CA key for say 10 years...and they also trust keys that it has signed. Its the "chain" of trust.

Now servers like Apache, and IIS may ask you for your private key, and the signed key. (The CSR is only useful to get the CRT, then its garbage. Don't save it thinking you have something useful...) They likely have a list of most server's intermediate and root certs, and they build a chain internally for you and use your keys.

CrushFTP and other servers use a "keystore" to hold the chain of keys, and these have a way to link the keys together. CrushFTP will accept either a JavaKeyStore (JKS) or a PFX, P12, (PKCS12) formatted keystore. A keystore is like a folder of keys, but with a password on the folder of keys to secure them.

So a keystore needs a private key in it, plus the root cert, plus the intermediate cert, and finally your signed cert.

So going from apache individual files to a keystore is a documented process of a few steps. You basically are importing the files into a PKCS12 keystore. Then CrushFTP can use that kesytore file directly.

A JKS keystore for practical purposes works the same as a PFX file. (Not 100% the same, but for what you care about, it is.)

Here is a link for converting Apache files into a PKCS12 file. http://www.crushftp.com/crush7wiki/Wiki.jsp?page=Openssl_key_convert

--Ben
Make sure there is no "caching" going on by Squid...

Otherwise I see no reason why it should really matter. People use apache as a reverse proxy all the time.

Is this CrushFTP 7.1?

What is logged in CrushFTP?

Is squid passing through cookies and everything?

Thanks,
Ben
Karolis wrote:BTW, I have shared a folder. And downloaded a file from that folder.
but when I look into Manage Shares, i see Download count as 0.
http://www.vips.lt/temp/Download_count.png

I can see download counts in Upload/Download reports for that user.


If this is still an issue, email us directly at support.

After the download, logout with the user to make sure their session is complete.

Let me know,
Ben
I am 99% sure this is something fixed by v7.

This is specifically related to a session object item, and we re-wrote sessions tuff in v7.

Basically its checking for an error message for the upload, and failing here...maybe the upload failed for some reason....and that is why there is no object to check, so this might be misleading.

Any chance you want to try v7 if your planning on staying current and buying that upgrade anyway? Email us directly and we will give you a two month code to try it out with so you don't need to pay for an upgrade if its not going to help.

Let me know,
Ben
Please email support directly so we can further assist. We need to do a screen sharing session.

Thanks,
Ben
This query might need to be adjusted in your prefs, user config area...

db_user_email_query

It should be correct, but may not always be correct.

Secondly, update to latest build again now, the url encoding issue should now be fixed too. 7.1.0_128+

Let me know if it still fails.

Thanks,
Ben
So its all working now then...right?
Your using XML users and not SQL though...right?

Maybe a secondary issue is SQL users...

Jozef, can you export SQL to XML, restart CrushFTP, and try it there to verify it works?

Thanks,
Ben
 
Forum Index » Profile for spinkb » Messages posted by spinkb
Go to:   
Powered by JForum 2.1.8 © JForum Team