https://man.liquidfiles.com
LiquidFiles Documentation

Version 3.4.9 (released 2020-07-06)

  • Security: Latest version of the puma web application server.
  • Security: Fixed an issue with a SMS delivery command that wasn't properly escaped.
  • Fixed a JavaScript issue in shares where sometimes shares ending in backspace caused uploads to fail.
  • Fixed an issue where some strftime codes (%Z) wasn't parsed properly in email templates.

Version 3.4.8 (released 2020-06-09)

  • Updated system and activity log time zone.
  • Updated SSH Rate Limit to permit removing the limit and set max limit hitcount to 99.
  • Fixed CSR generation with email address.
  • Fixed race condition in ActionScript Message Received Job.
  • Added application + security autoupdate option.
  • Added TLSv1.2, TLSv1.3 compatibility configuration.
  • Updated SAML authentication that sometimes wouldn't redirect the user back to the previously visited URL.
  • Updated the /help pages with current FileLinks.
  • Fixed an issue where emails in non-default domains sometimes wouldn't use the correct domain configuration.
  • Updated Ruby on Rails

Version 3.4.7 (released 2020-05-11)

  • If there are no access pass users, go to the message authorize page instead of the Access Pass validation page.
  • Added access_pass_url to the message_access_pass template for direct authentication.
  • Fixed an issue relating to automatically applying the April 28 hotfix for v3.4.x systems.

Version 3.4.6 (released 2020-05-04)

  • Enabling Automatic Updates will no longer update the system daily. The system will only be updated if there's an application update.
  • Fixed a problem where sometimes an incorrect version of the Postfix Mail Transfer Agent was installed.
  • Removed dependencies for enabling support access from the console.
  • Added a web based function to enable support access if the system doesn't start properly after a reboot.
  • Fixed an issue with the restoring backup function.
  • Updated the kernel update mechanism to disable the i2c-piix4 kernel module that has caused some systems to boot in emergency mode.

Version 3.4.5 (released 2020-04-28)

  • Added setting in Admin → Groups to limit sending messages to only users that already exist on the system.
  • Attachments API updates to make it clearer if an attached file has been processed by the server.
  • Added SSH Admin Rate Limit, defaulting to 5 connections in 5 minutes, the make brute force login much harder.
  • Added a setting in Admin → Groups to control Message Reply settings.
  • Fixed an issue authenticating with passwords on FileLinks.
  • Fixed an issue creating FileLinks using existing files.
  • Added client side validation of message body when using private message Filedrops.
  • Fixed an issue where users created from a SAML login wasn't redirected back to the correct URL.
  • Fixed an issue with the traffic shaper for multiple interfaces.
  • Added the recent ImageMagick Library Hotfix.

Version 3.4.4 (released 2020-04-06)

  • Added TLS Protocols and Ciphers in the webserver log (in Admin → System Log).
  • Fixed an issue where the Public Hostname in URL configuration didn't work on non-default domains.
  • Fixed an issue where the Admin → System → Network configuration didn't work on non-default domains.

Version 3.4.3 (released 2020-03-23)

  • Fixed an issue where the Share Files cache caused moved files to not be accessible.
  • Fixed an issue where Download Notifications sometimes wouldn't be sent.
  • Fixed an issue where Non-default domains wasn't accessible if Use Hostname in URL's was enabled.
  • Updated Rails version.

Version 3.4.2 (released 2020-03-10)

  • Fixed an issue where Share Files sometimes wasn't accessible.
  • Added Access Pass to the Email Template Editor

Version 3.4.1 (released 2020-03-02)

  • Fixed an issue where it was possible for users to update other users contacts.
  • Use Referrer validation of uploads and only permit session logins from valid Referrer location (potential CSRF issue).
  • Fixed an issue with LDAPs authentication where validate certificate and validate hostname was sometimes not used properly.
  • Fixed an issue with Filedrop Pre-Fill parameters.
  • Fixed an issue where the Use Maps setting wasn't always honoured when disabled.
  • Removed beta expiration (should have been removed in v3.4.0).

Version 3.4.0 (released 2020-02-27)

  • Version 3.4.0, please see the major change list below to see what's changed since v3.3.x.

Major changes from version 3.3 to version 3.4

  • Added Reply function to Secure Messages.
  • Reworked external user authentication using a new function: Access Passes.
  • Updated Admin/Activity Log and Admin/System Log to be searchable on domain names.
  • Added Filedrop Delivery Actionscript
  • Added Group Based Message Delivery Actionscript
  • Added Message Parameters Actionscript
  • Added Terms of Service Application log.
  • Added a setting to enable external users to send files to non-local users (requires license).
  • Reworked the Application Log (Admin → Activity Log) to display log in JSON format.
  • Reworked the underlying log functions to do reverse DNS lookups in the backgroup unless results are cached.
  • Reworked System Log and Activity Log to store only the last X number of records, instead of keeping everything for 3 months (System Log) or 1 year (Activity Log).
  • Added configuration for number of System and Activity Log records to store.
  • Added Brute Force Protection to FTP/SFTP logins.
  • Added IP based/Firewall blocking of specified Hosts/IP addresses or Networks.
  • Reworked the interface and all Brute Force and Firewall blocking is now visible in Admin → System → Firewall.
  • New systems created from v3.4 and onwards will have a simplified disk partitioning layout.
  • Automatic disk expansion of root and data disk partitions (automatic root disk expansion requires the simplified disk partitioning from v3.4).
  • Improved Ingress traffic shaping.
  • Updated Public Hostname configuration with better hostname redirect URL and hostname matching configuration.
  • Use relative redirect URLs in nginx (prevents ip address leakage).
  • Added LDAP Configuration to validate the server certificate when using LDAPs.
  • Updated Strict Transport Security timeout to 2 years.
  • TLSv1.3 and TLS cipher updates.
  • X-Frame-Options -> CSP Frame Ancestors.
  • Internal code cleanup and reoorganization.
  • Updated Ruby, Ruby on Rails, Postgres and various libraries to later versions.