Syncplify Server! v6.0.27 released 🚨

Importance of this update: VERY IMPORTANT
Fixed
  • HAProxy headers now report the correct client IP address in the SSH2/SCP/SFTP protocol handler
  • Importers (V4/V5) now auto-sanitize all IP/Network lists by removing incorrect items
Improved
  • Decreased heap memory allocation by ~0.8%
  • Sped up file transfers by ~1.4%
  • Upgraded SyngoDB to v4.5.5
  • Radically changed validation for all APIs and database objects/structures: now anything that can be sanitized (auto-corrected) will be sanitized, and validation errors will be reported only for those rare cases in which automatic sanitization is not possible: this should reduce the number of errors returned by the Admin UI upon saving configuration changes by up to 95%
  • Most of the remaining errors are now reported with clear messages in plain English
  • Removed nearly all null values from JSON objects returned by the APIs

Upgrading from v6.0.x is a simple and fairly automatic process: simply download the latest version from the official download page, and install it over the existing version, all of your settings and license will be kept.

If, instead, you’re upgrading from an older (v4/v5) version, you find the upgrade instructions in our knowledge base.

Thank you all for trusting our software with your secure file transfers!


Blocklist mem-cache just got even better!

Just a few days ago we shared exciting news about the TTL-aware memory cache we implemented in front of our Blocklist, which was able to reduce by up to 90% the need to query the DB to check whether or not a client IP is already blocklisted.

Well, we worked hard over the weekend, and we tuned the mem-cache algorithm to achieve even better performance. Let the numbers speak for themselves:

{
  "rejectedConns" : 883,
  "addedToBl" : 4,
  "hitsOnBl" : 857,
  "hitsOnBlCache" : 855
}

That’s a 99.76% effectiveness rate. On to the next task now…


Testing the blocklist cache

Every Syncplify Server! operator is familiar with Syncplify’s ProtectorTM technology, which prevents attacks and hacking attempts, and automatically puts the attacker’s IP address in the blocklist (formerly known as “blacklist”).

But in every Syncplify Server! version prior to v6, checking whether or not an incoming request is coming from a blocked IP address implied a query to the database, which can take a millisecond or two. In v6, though, we have now implemented an in-memory cache with automatic TTL, which effectively reduces the number of such DB queries by up to 90%, and the time taken from milliseconds to just a few microseconds (yes, it’s up to 1,000 times faster than querying the DB).

Here’s a blocklist usage and cache-hit report for the past 2 days of operation of our honeypot:

{
     "rejectedConns": 2331,
     "addedToBl": 2262,
     "hitsOnBl": 2250,
     "hitsOnBlCache": 1985
}

Out of 2250 blocklist hits, 1985 (88.22%) were gracefully handled by the in-memory cache.