THE INFORMATION IN THIS ARTICLE APPLIES TO:
EFT v8.0 and later store Advanced Properties in a JSON file. When you upgrade to EFT v8, the non-default settings that you have defined in the registry will be added to the Advanced Properties file during upgrade. (Default settings become part of the EFT configuration files.) For more on how to use advanced properties, and for a spreadsheet of the advanced properties, please refer to the "Advanced Properties" topic in the help for your version of EFT.
DISCUSSION
The domain (host) values in EFT are automatically accepted when included in host headers. This applies to the Server administrator listening IP on the Server > Administration tab, and all of the listening IPs, IP ranges, and host name in the Domain box on the Site's Connections tab. To add additional trusted domain and IPs, you can create a whitelist in the registry that will apply to all Sites and the Server.
To specify a whitelist of additional, trusted domains and IPs that EFT can accept:
In EFT v8 and later:
Add the name:value pair to the AdvancedProperties.JSON file in EFT's \ProgramData\ directory as described in the "Advanced Properties" topic in the online help for your version of EFT.
{
"AllowedHostHeaderList": globalscape.com,127.0.0.1
}
Value: Site Domain (on the Connections tab), Site listening IPs
In versions prior to v8.0:
Create the following registry setting:
HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 7.4\
Type: STRING
Value name: AllowedHostHeaderList
Default Value: Allowed host header values are:
- Site Domain (Connections tab)
- Site listening IPs
Restart Required: yes
Backup/Restore: yes
- Multiple values should be comma delimited.
- If you try to connect to an EFT server with a host header that is not on the list, you will see a 404 error.
When a connection is attempted: