THE INFORMATION IN THIS ARTICLE APPLIES TO:

• All products, all versions

QUESTION

Why does the help file or website page not displaying correctly in my browser?

ANSWER

Every browser—and browser version—has different code for how to display pages. While Globalscape tests each of our product and website releases on the latest browser versions, browser manufacturers also continue to update their products to keep ahead of the latest security issues. (For this reason alone, you should always update your browser when prompted to do so.)

Sometimes a browser update will change the way the browser works after we release our software, causing our web-based pages to not display correctly.

Other times, web pages are not displaying correctly because the browser is configured by default to cache (store) web pages from previous times that you've viewed it. They do that so the page will display faster; however, you might not see an updated page, but the older page that is stored on your hard drive.

When you are not seeing web pages correctly, try the following tips to correct the problem. If that doesn't work, let Globalscape Support know about the issue so that we can correct it.

1. Open the web page in a different browser. That is, if you normally use Internet Explorer, open that same page in Google Chrome.
2. Navigate to the browser’s home page (click the house icon), clear the cache, close and reopen the browser, then open the page again. If that doesn't work:

In Mozilla Firefox, click Tools > Options > Privacy & Security. Under History, click Clear History.

In Microsoft Internet Explorer, click Tools > Delete browsing history. In the dialog box that appears, ensure the check box for Temporary Internet files and website files and for History are selected, then click Delete. (Clear the check box for Passwords and Cookies if you want to keep those.) To find the version number, click Help > About Internet Explorer. To prevent saving pages in the future, click Tools > Internet Options, then under Security, select the Empty Temporary Internet Files folder when browser is closed, and then click OK.

In Google Chrome, press CTRL+H, then click Clear browsing data. In the dialog box that appears, select the items that you want to clear, and the click Clear Data. Ensure that the Browsing history and Cached images and files check boxes are selected.

3. Update your browser.

To update Firefox, click General, and scroll down to Firefox Updates. There you can see which version you are using and whether an update is available. If you click to "Automatically install updates" then you will always be on the latest--and most secure--version.

Chrome is updated automatically, but you can verify this and see the version number by clicking the 3 dots icon > Help > About Google Chrome.

In Internet Explorer and Microsoft Edge, click Start > Settings > Update & security > Windows Update, and then click Check for updates.

4. After you've cleared the browser cache and updated the browser, close the browser and reopen it, and then to go to the page that was not displaying properly.

   If it is still a problem, please let us know.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT™ version 7 and later

QUESTION

How can I use SSL/TLS termination at F5 Load Balancer?

ANSWER

For the Load Balancer to be used as a termination point for SSL, the following needs to be implemented. This procedure allows the Load Balancer to be in charge of the encryption for an SSL connection instead of EFT. This allows for the customer to have multiple SSL applications use a central repository for certificates. EFT will just make an HTTP connection to the DMZ and the DMZ will make an HTTP connection to the Load Balancer. The Load Balancer will then make an HTTPS connection to the remote connecting party.

Overview of problem:

1. Client makes request to F5 as "HTTPS://<address>"
2. F5 acts as a reverse proxy and converts the HTTPS request to HTTP.
3. F5 sends this request to the DMZ Gateway as HTTP.
4. This request is shuttled through DMZ to EFT as HTTP.
5. Since a partial address was used, EFT responds with "302 Moved temporarily" and sends the full address of http://<ip address>/EFTClient/Account/Login.htm. It sends http because the connection to the Proxy>EFT was over HTTP, so it assumes http is the correct protocol to send in the response for the redirect.
6. Connection is sent back to F5 over HTTP.
7. F5 receives server response and attempts to reroute back to source/client.
8. Client receives the address http://<ip address>/EFTClient/Account/Login.htm and tries to connect to it. This is invalid. The F5 does not accept HTTP requests.

What needs to happen:

1. F5 receives server response and proxies the connection back to the X-Original-Protocol: HTTPS.
2. Client receives the address https://<ip address>/EFTClient/Account/Login.htm and successfully connects.

Resolution:

1. Create a certificate to use on F5 for SSL offloading, if not already done.
2. Ensure that the HTTPS virtual server SSL Profile (Client) property is configured to use the certificate.
3. Change the default pool for the HTTPS virtual server to point to the HTTP pool.
4. Create an iRule (as shown below) to add the appropriate header and add it to the HTTPS virtual server.

Here is the iRule:

when HTTP_REQUEST {

HTTP::header insert "X-ORIGINAL-PROTOCOL" "https";

}

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT™ v7.1 and later

QUESTION

How does Insight see a Stop action when determining success/failure of an Event Rule?

ANSWER

Insight treats a Stop action as a succeeded Event Rule action, but the action that triggered the Stop will be failed.

Insight looks at all of the actions in an Event Rules to see if any actions have failed. If you have a Stop action, the Stop action will succeed, but the action that triggers the stop will be failed, and thus the Event Rule will be failed. So if there is any failed action in an Event Rule, that Event Rule will be interpreted as failed. (Like an AND condition, instead of an OR.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT v7.4.7 and later

DISCUSSION

The attached document provides an overview of logging available in EFT.

For more information, refer to the EFT online help section about logging.

• EFT Enterprise v 7.4.5.3 and later
• EFT Enterprise v7.3.9.3 and later (in the 7.3 line)

DISCUSSION

When the following registry setting is true, then users will always be enabled for an EFT AD Site. EFT user list will always show the user as enabled, if if disabled in AD. If the user is disabled in Active Directory that user cannot login. If the user is Enabled in Active Directory the user can log in. (EFT respects the user access privilege from Active Directory.)

HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 7.3\

Type: BOOL

Value name: ADUsersAlwaysEnabled

Default Value: false

Cached: yes

Backup/Restore: yes

(There is no 32-bit version because there is no 32-bit OS supported.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT Enterprise v 7.4.6 and later

DISCUSSION

Setting this to true will make the Cloud Download Action replace incorrect characters with underscore (instead of URL-encoded string)

HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 7.4\

Type: BOOL

Value name: CloudDownloadActionSanitizePathWithUnderscores

Default Value: false

Cached: yes

Backup/Restore: yes

(There is no 32-bit version because there is no 32-bit OS supported.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT Enterprise v 7.4.6 and later

DISCUSSION

Defer checking if a connection is allowed until the IP address is known from the receipt of X-Forwarded headers. (Use behind AWS Load Balancer)

HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 7.4\

Type: BOOL

Value name: DeferAllowedConnectionsCheckForXForwardedHTTPHeaders

Default Value: false

Cached: yes

Backup/Restore: yes

(There is no 32-bit version because there is no 32-bit OS supported.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT Enterprise v 7.4.6 and later

SYMPTOM

Performance times accessing EFT are too long (around 30 seconds) when accessing via FileZilla.

WORKAROUND

Performance time can be improved when ignoring folder encryption status.

Set the following registry key to true.

HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 7.3\

Type: BOOL

Value name: IgnoreFolderEncryptionStatus

Default Value: false

Cached: yes

Backup/Restore: yes

(There is no 32-bit version because there is no 32-bit OS supported.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT Enterprise v 7.4.6 and later

DISCUSSION

Specify maximum number active CAPTCHAs.

HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 7.4\

Type: DWORD

Value name: MaxCaptchaInstances

Default Value: 100

Minimum Value: 0

Maximum Value: 4294967295

Cached: yes

Backup/Restore: yes

(There is no 32-bit version because there is no 32-bit OS supported.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT Enterprise v 7.4.6 and later

DISCUSSION

Specify maximum number of Cloud Monitor executor threads per EFT Site.

HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 7.4\

Type: DWORD

Value name: MaxCloudMonitorExecutorsPerSite

Default Value: 16

Minimum Value: 1

Maximum Value: 128

Cached: yes

Backup/Restore: yes

(There is no 32-bit version because there is no 32-bit OS supported.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT Enterprise v 7.4.6 and later

DISCUSSION

Override number of DMZ Gateway connection retry attempts before next address resolving.

HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 4.0\EFTClient

Type: DWORD

Value name: gw_retryattempts

Default Value: 10

Minimum Value: 0

Maximum Value: 4294967295

Cached: no

Backup/Restore: no

(There is no 32-bit version because there is no 32-bit OS supported.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• CuteFTP, Windows version 9.x and later

SYMPTOM

The program can't start because a DLL is missing from your computer.

WORKAROUND

The problem is that the Visual C++ Redistributable failed to install.

The fix is to go to https://support.microsoft.com/en-us/help/2999226/update-for-universal-c-runtime-in-windows to download and install the file specific to your operating system, or install/update Windows 10, which installs the necessary DLL.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT, v7.4.7 and later

SYMPTOM

Advanced Workflow Engine (AWE) Task Builder unable to launch

WORKAROUND

Close and reopen the administration interface with the EFT "Server admin" account, or rename/delete the automatedworkflow.xml file. This file is created by default in the C:\Program Files (x86)\Globalscape\EFT Server Enterprise\AWE\bin folder.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• All products

QUESTION

Do your knowledgebase and help articles use tracking cookies?

ANSWER

A "cookie" is a small text file that is stored on computers, tablets, mobile phones and any device used to browse the Internet, capable of storing navigation information for statistical or functional purposes. Some cookies may be used to recognize the user viewing a particular website, make navigation easier, and customize the content. Because we respect your right to privacy, you can choose not to allow some types of cookies. For further details, please see our Privacy Policy. .

The cookies your browser uses differ between Globalscape’s knowledgebase/help articles and other sub-domains and websites. The knowledgebase and help articles use browser cookies only to save your search history so that you can quickly and easily go back to a previous page you've found. No personal information is transmitted to third parties.

Browsers have cookies enabled by default, because some websites can't function properly without them. It is always a best practice to clean up your data not only for privacy, but also to clear up that space on your hard drive where cookies and browsing history are saved. If you want to change your cookie settings, including disabling or clearing cookies, follow the procedure below for the browser you're using. (You can also change your cookies preferences in our Cookies Preference Center.)

Before you clear the cache (browser history), click the Home icon and close all of the other tabs. 

• In Mozilla Firefox, click Tools > Options > Privacy & Security. Under History, click Clear History.
• In Microsoft Internet Explorer, click Tools > Delete browsing history. In the dialog box that appears, ensure the check box for Temporary Internet files and website files and for History are selected, then click Delete. To prevent saving pages in the future, click Tools > Internet Options, then under Security, select the Empty Temporary Internet Files folder when browser is closed, and then click OK.
• In Microsoft Edge, click Settings > Clear browsing data. In the dialog box that appears, ensure the check boxes for data you want to clear are selected, then click Clear. To prevent saving data in the future, turn on Always clear this when closing the browser. Here, you can also clear Bing search history and your data in the cloud.
• In Google Chrome, press CTRL+H, then click Clear browsing data. In the dialog box that appears, select the items that you want to clear, and then click Clear Data. Ensure that the Browsing history and Cached images and files check boxes are selected. 

For further information about cookies, visit www.allaboutcookies.org.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT v7 and later

QUESTION

Can I turn on logging for specific event rules?

ANSWER

Yes. As explained in the logging.cfg file, you can enable logging for a specific event rule:

Refer to the help topic "EFT.log File" in your version of EFT help for details of editing the logging.cfg file.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT v7.4 and later

DISCUSSION

Log levels in EFT all default to the TRACE (INFO) setting, which is standard or typical logging. If you need more details in your logs, change the logging configuration to extended or verbose log level in logging.cfg (i.e., to DEBUG). This extended level of detail in your logs will help you pinpoint where the trouble lies.

For example, with the SSL logging level set to DEBUG, you would see whether the connection was accepted, and which protocol version, cipher, and key length were used in the connection:

DEBUG SSL <> - SSL connection accepted; protocol version = TLSv1.2, cipher = ECDHERSA-AES128-GCM-SHA256, key length = 128

Note: it is recommended that you only use verbose logging during debugging or troubleshooting. It will produce a large amount of data and quickly use up your processing speed and drive space.

Use the following example for logging SFTP information to set up a separate file appender for verbose logs, which should make data capture and analysis a bit more manageable.

1. Specify the following settings in the logging.cfg file:

log4cplus.appender.SFTPFileAppender=log4cplus::RollingFileAppender

log4cplus.appender.SFTPFileAppender.File=${AppDataPath}\EFT-SFTP-${COMPUTERNAME}.log
(This is the separate location where the logs will be saved.)

log4cplus.appender.SFTPFileAppender.MaxFileSize=20MB

log4cplus.appender.SFTPFileAppender.MaxBackupIndex=5

log4cplus.appender.SFTPFileAppender.layout=log4cplus::TTCCLayout

log4cplus.appender.SFTPFileAppender.layout.DateFormat=%m-%d-%y %H:%M:%S,%q

log4cplus.logger.SFTP=TRACE, SFTPFileAppender

log4cplus.additivity.SFTP=false

log4cplus.appender.SFTPFileAppender.filters.1=log4cplus::spi::StringMatchFilter

log4cplus.appender.SFTPFileAppender.filters.1.StringToMatch=Received SSH_MSG_KEXINIT

log4cplus.appender.SFTPFileAppender.filters.1.AcceptOnMatch=true

log4cplus.appender.SFTPFileAppender.filters.2=log4cplus::spi::StringMatchFilter

log4cplus.appender.SFTPFileAppender.filters.2.StringToMatch=Handling SSH_MSG_USERAUTH_REQUEST for user

log4cplus.appender.SFTPFileAppender.filters.2.AcceptOnMatch=true

log4cplus.appender.SFTPFileAppender.filters.3=log4cplus::spi::DenyAllFilter

2. After using verbose logging for few days (or however long is needed), copy the EFT-SFTP-*.log files to a new folder for processing. (You have to copy the log files to a separate folder for analysis because the PowerShell cannot open files that EFT is holding open.)
3. Run the attached PowerShell script (specific to this SFTP example) against those log files in that new folder from the last step to generate a CSV file with the results. Be sure to change the path in the script to the location in which you have created a new folder.

Analysis can be performed against the results easily in Excel.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT v7.2.1 and later

DISCUSSION

In this article, we explain how Workspaces licensing works for internal, external, and guest users, and how EFT Outlook Add-In invited guests use Workspaces licenses. 

Licensing Workspaces

Licenses are purchased per number of Workspaces owners, not the number of Workspaces created. For example, if you purchase a 25-seat license, 25 users can create Workspaces; there is no limit to the number of Workspaces each owner may possess. During the EFT 30-day trial, you can have up to 100 Workspaces owners. You can allow or deny Workspaces creation to specific users.

• If you are using an EFT version prior to 7.4.7, you should disallow the creation of Workspaces on Guest accounts to ensure that Workspaces license are available for internal users.
• In v7.4.7 and later, the ability to create Workspaces is disabled be default on the Guest Accounts Settings Template. Disabling creation of Workspaces on Guest Accounts ensures that Workspaces licenses are available for internal users. On the Connections tab, you can disable or enable the creation of Workspaces on the Guest Accounts Settings Template for all Guest accounts or on each Guest account individually.
• After a guest has been invited to join a Workspace--either from the WTC or the EFT Outlook Add-In--and has created an account and logged in, the guest account will appear (if so configured) in theGuest Users Settings Template. In EFT versions prior to 7.4.7, this account will consume a Workspaces licenses until you disallow the creation of Workspaces on that account or in the Settings Template.

Workspaces are viewed and created in the Web Transfer Client (WTC); therefore, if a user does not have access to the Web Transfer Client, the user cannot create or access a shared Workspace. If the user cannot access the WTC, the "plain text client" (PTC) appears when the user logs in.

Transactional Workspaces (via EFT Outlook Add-In)

A Transactional Workspaces is a Workspace that results from sending a file for pick up from the EFT Outlook Add-In.

• If you are using an EFT version prior to 7.4.7, you should disallow the create of Workspaces on Guest accounts to ensure that Workspaces license are available for internal users.

The recipient only has download permission on the file(s) received. Transactional Workspace participants cannot see each other and cannot subscribe to notifications.

A Transactional Workspace is different from normal Workspaces in that:

• Accepts anonymous access, if the administrator allows it and the owner/sender chooses.

• In the VFS, unregistered users will have an exclamation point on the anonymous-access folder. 

• Grants permission to download only

• Can't have participants added post creation

• Owner will have little power over it once created (but EFT Admins can delete it)

• Is private access, in that participants can't see each other and can't subscribe to notifications (although owner/sender can)

• Is represented in the EFT administration interface VFS tab using the Subject line and the sender's username

• Is represented differently in the WTC

• Content gets deleted when it expires

• Is more likely to have a shorter maximum expiration period than regular Workspaces

• Supports self-expiring, single-use file links, which are not supported in regular Workspaces

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT 7.4.7.15 and later

DISCUSSION

EFT v7.4.7.15, the Advanced Workflow Engine was udpated to a new version. In this new version, the SMTP server registry key was updated to the following:

[HKEY_LOCAL_MACHINE\Software\WOW6432Node\Automate\Automate 10\TaskService\Mail]

Values:

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT, v7.4.9

SYMPTOM

Workspaces Guest account is automatically disabled after administrator has re-enabled it.

When a new Workspace is created for a guest user, an expiration timer is set. After the timer has expired, the Guest account is disabled.

The EFT administrator can then re-enable that account. However, the expiration timer was not reset. Therefore, the Guest account is again disabled.

WORKAROUND

There is no workaround at this time, other than recreating the account. The timer reset issue is expected to be fixed in a subsequent release.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT v7.2 and later

QUESTION

Is calling a REST web service from AWE available in EFT Enterprise?

ANSWER

Yes. The ability to invoke a RESTful web service is included in the EFT Event Rules, documented in Invoke Web Server from URI Action. The fields in the action, such as Type, are only pre-populated if you provide a WSDL URI so that it can pull the various known values from the service description.

Keep in mind that if you’ve created, defined, or modified any variables in an AWE task, the variables and their values will be passed back to any subsequent actions in EFT. As noted in the online help, executing the AWE task requires at least one “if action FAILED then” action to be defined, including checking the box to stop processing the rule; otherwise EFT will launch the AWE process in a separate thread and it will run while EFT moves on with the rest of the rule.