FEATURE: IP-Based Access-Control: Server Wide

- Navigate to Management -> Security -> IP Access Control-Lists - Right-click and choose "Add IP/ACL" PLEASE NOTE: All rules should be added as a DENY rule ("-" minus) sign. Entering a ALLOW rule ("+" plus) will override the default rule of "+*.*.*.*" and turn IP/ACL into whitelist only, where all IPs are rejected unless an ALLOW rule is created.
– Navigate to Management -> Security -> IP Access Control-Lists
– Right-click and choose “Add IP/ACL”
PLEASE NOTE: All rules should be added as a DENY rule (“-” minus) sign. Entering a ALLOW rule (“+” plus) will override the default rule of “+*.*.*.*” and turn IP/ACL into whitelist only, where all IPs are rejected unless an ALLOW rule is created.
Enter the IP Address to be banned. Please note that the "Refuse IP Address Access" should be chosen. PLEASE NOTE: All rules should be added as a DENY rule ("-" minus) sign. Entering a ALLOW rule ("+" plus) will override the default rule of "+*.*.*.*" and turn IP/ACL into whitelist only, where all IPs are rejected unless an ALLOW rule is created.
Enter the IP Address to be banned. Please note that the “Refuse IP Address Access” should be chosen.
PLEASE NOTE: All rules should be added as a DENY rule (“-” minus) sign. Entering a ALLOW rule (“+” plus) will override the default rule of “+*.*.*.*” and turn IP/ACL into whitelist only, where all IPs are rejected unless an ALLOW rule is created.
- Navigate to Server Monitor -> Log Watch In this example, you'll see the DENY rule being made for "-54.153.69.28" and you'll see the ftp-client disconnect and then attempt to reconnect again, only to be refused access.
– Navigate to Server Monitor -> Log Watch
In this example, you’ll see the DENY rule being made for “-54.153.69.28” and you’ll see the ftp-client disconnect and then attempt to reconnect again, only to be refused access.

FEATURE: IP Based Access-Control for Users/Groups

- Navigate to User/Group Manager -> Edit User/Group -> Restrictions - Right-click and choose "Add IP/ACL" PLEASE NOTE: All rules should be added as a DENY rule ("-" minus) sign. Entering a ALLOW rule ("+" plus) will override the default rule of "+*.*.*.*" and turn IP/ACL into whitelist only, where all IPs are rejected unless an ALLOW rule is created.
– Navigate to User/Group Manager -> Edit User/Group -> Restrictions
– Right-click and choose “Add IP/ACL”
PLEASE NOTE: All rules should be added as a DENY rule (“-” minus) sign. Entering a ALLOW rule (“+” plus) will override the default rule of “+*.*.*.*” and turn IP/ACL into whitelist only, where all IPs are rejected unless an ALLOW rule is created.
Enter the IP Address to be banned. Please note that the "Allow IP Address Access" should be chosen, in order to restrict a user|group to a specific IP Address (aka whitelist) PLEASE NOTE: All rules should be added as a DENY rule ("-" minus) sign. Entering a ALLOW rule ("+" plus) will override the default rule of "+*.*.*.*" and turn IP/ACL into whitelist only, where all IPs are rejected unless an ALLOW rule is created.
Enter the IP Address to be banned. Please note that the “Allow IP Address Access” should be chosen, in order to restrict a user|group to a specific IP Address (aka whitelist)
PLEASE NOTE: All rules should be added as a DENY rule (“-” minus) sign. Entering a ALLOW rule (“+” plus) will override the default rule of “+*.*.*.*” and turn IP/ACL into whitelist only, where all IPs are rejected unless an ALLOW rule is created.
- Navigate to Server Monitor -> Log Watch In this example, you'll see the ftp-client from "-54.153.69.28" is denied. This is because the IP/ACL was converted to a "whitelist" with a single ALLOW rule and "+192.168.0.*" does not match the incoming ftp-client.
– Navigate to Server Monitor -> Log Watch
In this example, you’ll see the ftp-client from “-54.153.69.28” is denied. This is because the IP/ACL was converted to a “whitelist” with a single ALLOW rule and “+192.168.0.*” does not match the incoming ftp-client.

FEATURE: Allow Multiple Instances

“Allow Multiple Instances” is a new function as of v2014.1.0.15 that allows you to run multiple copies of the software, each with it’s own set of Settings, Users/Groups. This is very useful for organizations which provide ftp-services for their clients and would like to keep the groups of ftp-users in their own separate instance.

It’s also very useful for controlling bandwidth used by each instances, as multiple IPs can be bound to the computer’s NIC, allowing for fine-grained control of bandwidth, traffic shapping, etc in their networking-hardware; each instance would then use the “Multi-IP” setting to only listen to specific IPs. (Management -> Settings -> Multi-IP)

Allow Multiple Instances: Create Shortcut
Allow Multiple Instances: Create Shortcut
Allow Multiple Instances: Edit Shortcut
Allow Multiple Instances: Edit Shortcut
Allow Multiple Instances: Name Shortcut
Allow Multiple Instances: Name Shortcut
Allow Multiple Instances: Shortcut Properties
Allow Multiple Instances: Shortcut Properties
Allow Multiple Instances: Shortcut Double-Click to Start
Allow Multiple Instances: Shortcut Double-Click to Start
Allow Multiple Instances: Import, Automatic Search for Installations
Allow Multiple Instances: Import, Automatic Search for Installations
Allow Multiple Instances: Import, Manually from Specified Folder
Allow Multiple Instances: Import, Manually from Specified Folder
Allow Multiple Instances: Example Files for Import
Allow Multiple Instances: Example Files for Import
Allow Multiple Instances: Importing Example Files
Allow Multiple Instances: Importing Example Files
Allow Multiple Instances: Confirmation of Instance Storage-Path
Allow Multiple Instances: Confirmation of Instance Storage-Path
Allow Multiple Instances: Verification of Instance Storage-Path in Windows Explorer
Allow Multiple Instances: Verification of Instance Storage-Path in Windows Explorer

FEATURE: Bulk Import CSV

In the latest release of BulletProof FTP Server, we’ve added the ability to import users via the “Bulk Import (CSV)” button, located in the User Manager. A CSV-File is a flat-text-file that contains a list of records (one per row) with a defined set of field-values for that record. This is analogous to a spreadsheet, such as Microsoft Excel and is often used as a method of getting data in/out of a spreadsheet.

To this end, we’ve developed a function that allows you to IMPORT user-accounts from another source, using a CSV file. Below is a list of fields that are supported for import. In this list, the first record you see is “ACCOUNTNAME”, this is a MANDATORY record as it is the unique-primary-key for the data. If ACCOUNTNAME exists, the data will be updated. If not, a new user-account will be created and all of the data will be set to the provided information. All other fields are optional, but each row in the CSV-file must contain the same fields as defined in the first header-record.

NOTE: Executing this functionality can be automated from the command-line utility “bpftpserver-adduser.exe”. Please see this HOWTO for more information.

EXAMPLE:
In the following example, we are defining a CSV file to import 11 new user-accounts (mmc000 to mmc010). Below you will find the first row contains the list of columns each row/record will contain; subsequent rows contain the data for the accounts. Please note, this is generic data and in this case, I choose to make a simple list of account-names that are prefixed with “mmc” and then use a 3-digit number. The intention is to show the power and flexibility; as each user-account can be assigned their own home-directory (c:\ftp\mmc999), groups, login-name, passwords, etc.

"AccountName","ACCESSRIGHTS_PACKED","Enabled","EnableLogin","Login","EnablePass","Pass","GroupName"
"mmc000","C:\ftp\mmc000;RWDAMLSK","1","1","mmc000","1","mmc000","mmc-group-0"
"mmc001","C:\ftp\mmc001;RWDAMLSK","1","1","mmc001","1","mmc001","mmc-group-0"
"mmc002","C:\ftp\mmc002;RWDAMLSK","1","1","mmc002","1","mmc002","mmc-group-0"
"mmc003","C:\ftp\mmc003;RWDAMLSK","1","1","mmc003","1","mmc003","mmc-group-0"
"mmc004","C:\ftp\mmc004;RWDAMLSK","1","1","mmc004","1","mmc004","mmc-group-0"
"mmc005","C:\ftp\mmc005;RWDAMLSK","1","1","mmc005","1","mmc005","mmc-group-0"
"mmc006","C:\ftp\mmc006;RWDAMLSK","1","1","mmc006","1","mmc006","mmc-group-0"
"mmc007","C:\ftp\mmc007;RWDAMLSK","1","1","mmc007","1","mmc007","mmc-group-0"
"mmc008","C:\ftp\mmc008;RWDAMLSK","1","1","mmc008","1","mmc008","mmc-group-0"
"mmc009","C:\ftp\mmc009;RWDAMLSK","1","1","mmc009","1","mmc009","mmc-group-0"
"mmc010","C:\ftp\mmc010;RWDAMLSK","1","1","mmc010","1","mmc010","mmc-group-0"

SUPPORTED FIELDS AVAILABLE TO BULK-IMPORT

Commonly Used Fields

FIELD_NAME FIELD_TYPE DEFAULT MANDATORY
ACCOUNTNAME STRING “” TRUE
AccessRights_Packed STRING “”
Enabled BOOLEAN True
EnableLogin BOOLEAN True
Login STRING “”
EnablePass BOOLEAN True
Pass STRING “”
EnableGroup BOOLEAN False
GroupName STRING “”
UseGroupHomeDir BOOLEAN False

Lesser Lesser Used Fields

FIELD_NAME FIELD_TYPE DEFAULT MANDATORY
AddHomeLink BOOLEAN False
AddLinkFromFile BOOLEAN False
AddLinks BOOLEAN False
AllowChangePassword BOOLEAN False
AllowNoop BOOLEAN True
BannedFiles_PACKED STRING “”
By-Pass_MaxUser BOOLEAN False
ChgDirMsgFile STRING “”
DefaultGroupQuotaCredit INTEGER -1
DefaultGroupRatioCredit INTEGER -1
EnableMaxConPerIP BOOLEAN False
EnableMaxUsers BOOLEAN False
EnableSITECHAT BOOLEAN False
EnableSITEWHO BOOLEAN False
Hide hidden Files BOOLEAN False
Home-IP STRING “”
IPACLList_PACKED STRING “”
Info_Address STRING “”
Info_City STRING “”
Info_Email STRING “”
Info_Fax STRING “”
Info_Name STRING “”
Info_Notes STRING “”
Info_PhoneHome STRING “”
Info_PhoneWork STRING “”
LinksFile STRING “”
LoginMsgFile STRING “”
MaxConPerIP INTEGER 1
MaxSpeedEnabled BOOLEAN False
MaxSpeedRcv INTEGER 512
MaxSpeedSnd INTEGER 512
MaxUsers INTEGER 0
QuotaCurrent INTEGER 0
QuotaEnabled BOOLEAN False
QuotaMax INTEGER 0
RatioCredit INTEGER 0
RatioDown INTEGER 1
RatioEnabled BOOLEAN False
RatioMethod INTEGER 0
RatioUp INTEGER 1
RelativePath BOOLEAN False
ResolveLNK BOOLEAN True
ShowChangeDirMsg BOOLEAN False
ShowLoginMsg BOOLEAN False
TimeOutEnabled BOOLEAN True
Timeout INTEGER 600
TreatLinksAs BOOLEAN True

FEATURE: Supported Windows Server OSs

The current version of BulletProof Server supports all modern flavors of Windows Server; including:

Windows Server 2016 (All Releases/Service Packs)
Windows Server 2012 Essentials
Windows Server 2012 Standard
Windows Server 2012 Datacenter

Windows Server 2012 (All Releases/Service Packs)
Windows Server 2012 Foundation
Windows Server 2012 Essentials
Windows Server 2012 Standard
Windows Server 2012 Datacenter

Windows Server 2008 (All Releases/Service Packs)
Windows Server 2008 Standard
Windows Server 2008 Enterprise
Windows Server 2008 Datacenter
Windows HPC Server 2008
Windows Web Server 2008
Windows Storage Server 2008
Windows Small Business Server 2008
Windows Essential Business Server 2008
Windows Server 2008 Foundation (Codenamed “Lima”)

Windows Server 2003 (All Releases/Service Packs)
Windows 2003 Web
Windows 2003 Standard
Windows 2003 Enterprise
Windows 2003 Datacenter
Windows 2003 Compute Cluster
Windows 2003 Storage Server

Windows Home Server (All Releases/Service Packs)
Windows Home Server 2011
Windows Home Server

FEATURE: Users and Groups

The User Manager in BulletProof Server contains an extensive number of controls and features. For more information on each sub-function in the User-Manager, please click a following slide…