What's New in EFT?

Below is a high-level summary of changes in this version of EFT, with links to relevant help topics. For a detailed log of changes and fixes, refer to the release notes in the Client Success Portal.

NOTE: If you don't have an account for the Client Success Portal, create an account using the name, email address, and serial number registered for your purchase.

Review Upgrading the Software and the Upgrading EFT knowledgebase article before upgrading.

Refer to the COM API Reference for details of changes to the COM API.

v8.1.0.16, June 5, 2023


EFT Event Rules

  • Fixed an issue where EFT event rules configured with Matching File names set to Numerate on local file uploads would not numerate the initial file properly.

EFT Security Updates

Previous Releases

v8.1.0.14, April 5, 2023


  • Updated OpenSAML OpenSSL library to v1.1.1t (libcrypto-1_1-x64.dll and libssl-1_1-x64.dll); everything else SSL-related uses OpenSSL v1.1.1o.

  • Added exception handling on Azure blob::download_attributes function calls


  • File rename not working after upgrade

  • Unable to pass "/*.*" to AWM from EFT Event rule

  • AWS Cloud download performance is more then 5 times slower then in 8.0.7

  • Folder Monitor rules stopped moving files that start with a Period

  • Overwrite function is not working properly

  • AWS upload action crash reported by customer

  • Username and Passwords in plain text in Workspace Log

  • REST API help causes UI hangs

  • Reset Password does not work in case of invalid username and email

  • Uploads per Session does not work properly with HTTP/HTTPS threads

  • EFT is incorrectly prefixing path with site root in AWM event rule variable

  • FS.PATH variable is not updated after move offload action

  • Overwrite in download action is not working properly for destination virtual path case

  • Documentation link for REST API reference is broken

v8.1.0.11, October 31, 2022


  • Fixed an issue where Timer Event Rules configured for Daily runs would not trigger on Monday.

v8.1.0.9, August 5, 2022

New Features

  • Added ability to upgrade a High Availability cluster with zero downtime

  • Added ability to specify upload quota for virtual folders

    Added ability to map virtual folders to cloud storage

  • Added ability to map Site root folder to cloud storage

  • Added "Zip Plus" folder downloads in Workspaces for guest users

  • Added context variable %USER.HOME_FOLDER_PATH% to provide entire path to a user's home folder (for example, C:\InetPub\EFTRoot\MySite\Usr\asmith)

  • Added 5 free Workspaces seats when HTTPS module is licensed

  • Added ability to group Advanced Workflows in folders

  • Added ability to select multiple event rules in the EFT admin interface and move them to a folder in the Event Rules node

  • Added support for using compress/ decompress Action in Remote Agent Rules

  • Added ability to export RAM status to CSV or ARM

  • Added Advanced Registration Options and registration support for migrated environments

  • Added SSL Cert Rotation Period Notification (PCI 3.6.4)

  • Added ability to use WS_OWNER_NAME variable in Workspaces File Send template (see Workspaces Notifications)

  • Added ability to put EFT in read-only mode before starting upgrade of the HA cluster

  • New REST API features:

    • Expanded REST API coverage for VFS cloud

    • Add REST API authentication endpoint to return info about admin session

    • Added Connection Profiles endpoint to REST API (delete, get, patch, and post)

    • Added User Permission Group endpoints

    • Added last password change details to User > General tab and REST API UserID metrics endpoint

    • Added additional REST API nodes for Server, Site, Setting Templates, Workspaces, and Web Transfer Client

    • Expanded REST API: coverage for Remote Agents

    • Added ability to expose EFT templates via the REST API so customers as well as the Web Admin can directly GET/PATCH templates

  • Added Advanced Properties:

    • WTCSendEmailTimeOutMin - Sets a timeout when sending email to the user. If the time between attempts is less than timeout value, then EFT will return 412 error.

    • UploadQuotaUpdateIntervalSecs - Interval in seconds for upload quota updates to persist and propagate across HA cluster.


  • Updated EFT from a 32-bit application to a 64-bit application for improved processing

  • Updated DMZ Gateway Log4j library to v2.17

  • Updated RSA library to v8.6

  • Updated OpenPGP library to v20.0.8136

  • Updated OpenSSL library to v1.1.1o

  • EFT templates are now all in one location, ..\ProgramData\Globalscape\EFT Server\Templates


  • Fixed issue in which file upload would fail if the file size had a decimal (e.g. 49.9MB)

  • Fixed issue with Event Rule count not appearing in Status dialog after upgrading


In v8.0.7, EFT Express and Enterprise become one platform, EFT. The "core" license includes the server, the FTP protocol, and several other core features. Additional features are available as separate modules. During the 15-day trial, you have access to the core features and all of the modules. After the license is activated, the core features are still available, but you will have to activate individual modules to access their associated features.

NOTE: If you are upgrading from an earlier EFT, the features you had previously licensed continue to be available.

New Features

  • Features from EFT Express and EFT Enterprise have been merged into one EFT, with some features part of "EFT core" and others repackaged into new or existing modules. (For example, EFT Express ESM license activates the Regulatory Compliance module (RCM) when upgrading to v8.0.7.) Refer to Feature Availability for details.

    A new Enterprise Actions Module (EAM) is used to activate previous Enterprise-only features, such as executing scripts, performing folder and file operations, compressing/decompressing files, subroutines, dataset actions, and REST invocation

  • Added ability to "deregister" licenses in EFT. This is used in an event that you are moving EFT to a new computer, the wrong serial number was used on the server, the module was not supposed to be registered on the server or node, or you are moving between perpetual licenses to subscription-based keys.

  • Added new ServerModule enums to activate modules



Advanced Workflows issues fixed in continuum:

  • AWE is no longer writing to individual csv logs

    • Upgraded AWE to Automate

  • AWE is unable to connect to SharePoint because it uses TLS 1.0

    • Upgraded AWE to Automate

  • AWE is writing verbose logging to a text file, causing poor performance

    • Upgraded AWE to Automate

v8.0.6.18, November 7, 2021


  • Fixed an issue where Windows permissions were not used for NT/AD site user created by login via HTTP (TFS 381871, Case 94506)

  • Fixed and issue where users were unable to send a workspace share to existing users within a blacklisted domain (TFS 382023)

v8.0.6.16, September 21, 2021

New Features

  • Added new column named "Usage" to the OpenPGP Keyring dialog box to make it easier to choose the key to use when assigning keys in event rule actions
  • Added notification prior to key expiration settings to the OpenPGP Security dialog box
  • Added Secure File Send event triggers to create rules for message-related events
  • Added new Secure Message (ad hoc) Conditions and Secure Message Variables for use with Outlook Add-In, Send Portal, Reply, Drop Off, and Request File-related events.
  • Added Abort User Operation action to abort a Message Composed operation for Outlook Add-In, Send Portal, Reply, Drop Off, and Request File-related operations, typically because of blocked or modified content in an ICAP scan.
  • Added WTC pagination for improved user experience when there are 100s of files and folders
  • Added ability to create a user under the Guest Users Settings Template on an admin/AD site
  • Added ability to test field variables used in event rule actions, such as testing a remote connection, and provide a clear error message, such as "Parameter hostname is invalid: %IP%."
  • Added support for TLS 1.3
  • Added ability to specify cloud storage folders when creating virtual folders
  • Added Advanced Property, UserAgentHeaderMustUseOTP, to contain a list of user agents that are required to use OTP even if it is a known agent, such as CuteFTP or EFT Outlook Add-In. For example, "UserAgentHeaderMustUseOTP":["agent1","agent2","agent3"]and so on.
  • Added ability to apply a per-folder encryption key and a user home folder encryption key in the Folders to encrypt list.
  • Added ability to import and export RAM rules.
  • Added Advanced Property DisableARMBatchSQL to disable the BatchSQL feature. (It is recommended to turn it on only when large queues of requests are dropped or the order is changed, leading to a decrease in performance in ARM.)


  • Renamed some Workspaces Events for clarity of purpose
  • Updated the administrator account timeout to 5 minutes by default. After 5 minutes of inactivity, the administrator account is disconnected. (The timeout can be configured in the Account Security Settings dialog box.) In earlier versions, the default was 15 minutes. For upgrades, the timeout default is not changed; the new value only applies to new installations.
  • Enhanced EFT support of 102 response processing. "102" is an interim response used to inform the client that the server has accepted the complete request, but has not yet completed it, thus causing fewer client timeouts
  • Improved display of data in the IP Auto-Ban dialog box
  • Extended auto-ban capabilities and added two new advanced properties (AutoBanAnonymousUnauthorizedAccessServicePathAllowList, and AutoBanAnonymousUnauthorizedAccessServicePathBlockList)
  • Made runtime template variables available to other fields.
  • Updated library used by the EFT Outlook Add-In to Apache log4net v2.0.12 (minor fix release).

  • Added ability to specify more parameters in the Pre/post commands dialog box in the Protocol: Upload and Protocol Download Action for connections to a mainframe computer.

Other Fixes

  • Removed Bitvise v1.82 files; the Advanced Property "UseLegacySFTP" is no longer available.

  • Added note to Silent Command-Line Installation topic regarding installing EFT using the command line and then later upgrading using the installation wizard prevents the EFT server service from starting.

  • Added note to the Remote Agent Templates topic regarding the requirement to add a Remote Agent rule to the Remote Agent template.

  • Added note about not using disallowed characters in file names when renaming VFS folders.

  • Adding note about properly disabling TLS

v8.0.5, April 30, 2021

Web Transfer Client/Workspaces:

Several user-experience enhancements have been added or updated.

  • Updated Workspaces and Outlook Add-In to handle duplicate recipients more gracefully

  • Updated secure send feature in Workspaces to allow the administrator to control whether secure send is required, not allowed, or sender's choice.

  • Added additional language options in the Web Transfer Client (Italian, Japanese, Chinese Simplified, and Chinese Traditional)

  • Added ability for the WTC to remember the last state (open or closed) of the In Progress and History panels

  • Added time zone offset in WTC so that users can see file time stamp in their preferred time zone

  • Added ability for the WTC to display a count of total files and folders displayed, and a count of files/folders in a selected directory.

  • Added default configuration settings to the admin-configuration.json file in the WTC (The file structure where that file is located has changed to C:\Program Files (x86)\Globalscape\EFT Server\Web\Shadowfax\wtc\assets.)

  • Added ability to send file to self via CC or BCC in Workspaces

  • Added Advanced Property, "SendPasswordReminderEmailForDisabledClient": true, to not send emails for password reminders and expiration to disabled user accounts

  • Added ability to define how long password reset links should remain valid, so that administrator can reduce the risk of a malicious actor getting hold of a reset link and changing a valid user's password. The default of 30 minutes is configurable via an advanced property, PasswordResetLinkExpirationPeriodMinutes. (The Password Reset functionality is not available for AD​ or LDAP.)

  • Added authentication "smart retry logic" to EFT Outlook Add-In

  • Removed email address from registration email link

  • Added advanced property override, TunnelNonHTTPVerbs, for WTC to use POST with X-HTTP-Method-Override header for tunneling non-standard HTTP verbs instead of WebDav/MKCOL.

  • Removed deprecated web clients and updated the folder structure of the associated resources under <install_directory>\Web\

Workflow Automation:

Workflow automation, often referred to as robotic process automation (RPA), is another area with significant improvements in EFT v8.0.5. EFT now has the ability to synchronize with remote directories, mirroring local (or remote) folders, including sub-folders, with options to keep both folders fully in sync. And EFT’s popular “File” action has been expanded to include an Append function that can be used to write data to an existing file (or create one if necessary), in addition to a new Read function that can parse a file into EFT’s memory as a context variable, and finally, a concatenate function that can append one file to another.

EFT's workflow enhancements include:

  • Updated Event Rule builder design and renamed many of the actions

  • Added option to run certain actions (Execute Command, Advanced Workflow, Send Email,Event Rule Subroutine) synchronously (wait for step to complete before running the next step) or asynchronously (don't wait for the step to complete before running the next step). Be aware that all actions in the IF FAILED section are lost if the parent action is switched from async to sync mode.

  • Added ability to send an acknowledgment before a task is complete when there is an if FAILED condition; Added a new Advanced Property,WaitOnFileUploadEventCompletionBeforeSendingResult, to conserve legacy behavior of sending a successful reply is sent to the client after the File Upload trigger has completed

  • Updated Event Rule File: Operation Action to a multi-page wizard to include file operations of Read, Write (replaces Create) Rename, Concatenate, and Checksum

  • Added two new Advanced Properties to control the maximum size of the running thread pool, RunningAsyncEventsLimit, default=20, and the max size of the queued up threads, QueuedAsyncEventsLimit, default=unlimited.

  • Added new performance counters to track current thread pool and queued-up threads: Event Rules Running Async Events (Number of running asynchronous events) and Event Rules Size of Async Events Queue (Size of asynchronous event queue)

  • Added warning message when a Folder Monitor event is used to monitor a user's home folder or subfolders

  • Event Rule actions renamed and reorganized

  • Added Protcol: Synchronize action to perform single or bi-directional sync using EFT built-in client or RAM agent rules, excluding LAN copies

  • Added ability to manually trigger an Event Rule with "Run Now" to test its configuration

  • Renamed the Event Triggers "File System Events" were renamed to "File Server Events" to more accurately reflect their purpose (server processing of files)

  • Improved ICAP response handling and added support for ICAP Options.



Data security continues to be an imperative for our customers. Protecting data in transit and at rest is no longer enough if authorized users can share company confidential information with guests or external users. In previous versions, EFT provided hooks to integrate with third-party data loss prevention (DLP) solutions, but violations always resulted in blocked transfers, which resulted in a negative user experience. EFT v8.0.5 introduces support for content adaptation, where sophisticated DLP tools, such as Help System’s Clearswift DLP, can inspect and either modify or redact words or phrases within documents that it deems company confidential or PII (usually in concert with Data Classification solutions such as Titus or Bolden James). The redacted content is transmitted in lieu of the original, and administrators discretely notified, resulting a more pleasant, yet still secure, user experience.

EFT security enhancements include:

HA Cluster:

Another security enhancement in EFT v8.0.5 is the added support for Proxy Protocol, a standard created by the makers of Haproxy, widely adopted by best-of-breed client and server solutions. This protocol allows for passthrough of the client IP across proxy servers and load balancers to the origin server (EFT), which makes it easier for EFT’s Denial of Services (DoS) prevention logic to ban the offending IP address, rather than that of the proxy, regardless of the underlying protocol (SFTP, FTPS, HTTPS, etc.)

  • Improved HA cluster performance; When the Advanced Property is off (HAFullConfigDumpIntervalMins = 0 or is not defined), the full configuration is copied to the cluster share on each change. Add the Advanced Property and set it to between 1-10 minute intervals to reduce network traffic

  • Upgrading an EFT stand-alone server to an HA node in a new cluster (PDF)

  • Added ability to update web resource (\web\) in the cluster share directory (%ClusterShare%), rather than for each individual node in a cluster

Other additions include:

  • Added several Advanced Properties (see spreadsheet)

  • Added new performance counters

  • Added DNS Rerouting and logging of failure to connect

  • Added input validation to escape certain characters  that are shown in plain text, so that they aren't rendered by the email client as scripts or html, thus preventing unwanted execution of scripts

  • Added numerous COM API objects for new features. Refer to the COM API Reference for details.

v8.0.4.32, February 3, 2021

  • Added support for Twilio custom verification code

  • Updated PGP library

Additional notes for upgrading to v8.0.4.x:

  • Upgrading from EFT Express to Enterprise causes "displayFullName" in JSON file to revert to false.

  • Root ( / ) is not allowed to be the SSO Reserved Path. During upgrade, the path will automatically change to the default, /sp/samlv2/sso, with the auto-redirect check box selected. If you previously had the SSO reserved path set to root ( / ), you will need to re-register EFT (SSO SP path) in the Identity Provider (IdP) service.

v8.0.4.27, November 2, 2020

v8.0.2.23, June 15, 2020

  • Added subscription licensing for EFT and most modules

  • Restored ability to customize default values for Workspaces permissions

  • Restored ability to customize default values for Workspaces participant limits

Refer to the Client Success Portal for a list of Bug Fixes

v8.0.2.19, May 10, 2020

  • Added ability to override the port used in all workspace email notifications. This is useful when the DMZ Gateway is on a non-default port (for example, 4443) and differs from the site port (that is, 443). When enabled, all workspace emails (Send/Share/Request/etc.) will now use and append the PORT defined via the Advanced Property regardless of the Send Settings URL:PORT or Site DMZ port configuration. This property is disabled by default (ExternalLinkPortOverride)

  • Added ability for WTC reserved file/folder caching for HTTP(S) requests to cache based on file size instead of an entire directory. This property is disabled by default. (MaxCachedReservedFileSizeKB)

  • Removed ability to cache WTC reserved files/folders located under .../EFT Server/web/public/EFTClient/wtc/lib/, this property is enabled by default (CacheReservedFiles)

Refer to the Client Success Portal for a list of Bug Fixes

v8.0.2.10, March 25, 2020

  • EFT administration Changes

    • Added option to enable FACT table updates for ARM reporting

  • Advanced Properties

    • By default, EFT uses non-exclusive file-sharing mode (file locking) when processing file uploads. When the advanced property UseExclusiveSharingModeForUploads is defined, EFT can be configured to use exclusive sharing mode for uploads

    • InviteeRegistrationRoute - The policy defines a title page for Workspace invitee. Acceptable values are "LoginPage" (for user who already has an EFT account) "LoginPageForDomainUser" (for user who already has a domain account) or "NewAccountPage" (for user who has neither an EFT account nor a domain account). "NewAccountPage" is the default value.​

  • COM API (refer to COM API help for more information)

    • Added enums and a Site interface property to support the Out-of-Band passcode to pick-up files in EFT. (Please refer to the EFT administration help contents.)

    • WorkspacesOAIPasscodeProtectionType enum, used in the ICISite property, WorkspacesOAIPasscodeProtection to specify whether the EFT administrator requires a passcode, does not require, or is chosen by the email sender.

  • Web Transfer Client (WTC) & Workspaces Changes

    • Ground-up rewrite of the various portals: Request file, Drop-off, Send, and Pick-up resulting in tremendous performance gains

    • Ability to Secure Send without attachment (Send portal and Outlook Add-in)

    • Ability to redirect to login page instead of registration page for internal domains

    • Removed our legacy "Jument" WTC from the EFT installer

    • Password-protected pickup - Allow or require senders to require recipients to provide a, out-of-band passcode before accessing files

v8.0.1, February 10, 2020

v8.0, January 20, 2020