SFTPGo

Version: 2.7.1
Required minimum memory: 1280MB
Last updated 14 Mar 2026
Install now

Recent Changes

  • Update sftpgo to 2.7.1

  • Full Changelog

  • SFTPD: Added support for OpenPubkey SSH, enabling tighter integration between OpenID Connect and SFTP.

  • Enforced password validation rules also when applied through a group.

  • Fixed an issue where JSON dumps containing command actions failed to load correctly at startup when loaded as initial data.

  • Data Provider: Fixed lock handling issues during migrations that could affect MySQL when migrations are executed concurrently by multiple instances.

  • Fixed a potential path traversal and permission bypass involving specially crafted paths. CVE-2026-30914.

  • Fixed placeholder sanitization in group home directories and key prefixes. CVE-2026-30915.

  • Unified path handling: Prior to this release, the backslash character (\) was treated differently depending on the host operating system: on Linux, it was considered a standard character within a file or directory name, while on Windows, it acted as a path separator. We have now unified path handling across all platforms. Moving forward, both forward slashes (/) and backslashes (\) are strictly evaluated as path separators, independently of the underlying OS.

About

Full-featured and highly configurable event-driven file transfer solution. Server protocols: SFTP, HTTP/S, FTP/S, WebDAV. Storage backends: local filesystem, encrypted local filesystem, S3 (compatible) Object Storage, Google Cloud Storage, Azure Blob Storage, other SFTP servers.

Features

  • SFTPGo is an event-driven SFTP, FTP/S, HTTP/S and WebDAV server.
  • WebAdmin
  • WebClient
  • Both local and cloud-based accounts can be restricted to a certain base path.
  • Per-user and per-directory virtual permissions.
  • Public key, password and certificates authentication.
  • Multi-factor and multi-step authentication.
  • Active Directory/LDAP authentication.
  • Custom workflows based on server events such as uploads, downloads or schedules.
  • Disk quota and bandwidth throttling.
  • REST API for integrating with other systems.
  • You can obtain and automatically renew free Let's encrypt TLS certificates for HTTPS and FTPS/FTPES.
  • The web UIs support both light and dark modes and can be customized to match your brand.
  • Auto-blocking policy to help to prevent DoS (Denial of Service) and brute force password guessing.
  • Per-user and global IP filters.
  • Geo-IP filtering.
  • Per-protocol rate limiting.
  • Delegate user administration via roles.
  • Infrastructure as Code (IaC) support using the Terraform provider.
  • Multiple nodes/pods are supported to provide high availability/scalability.
  • Extensible via plugins.

Support Plans

SFTPGo.com offers commercial support, guarantees, and advice for your SFTPGo installation. With plans from SFTPGo.com, you will purchase a supported copy of SFTPGo that you can safely install and use in professional environments.

Install SFTPGo in a few minutes on your server with Cloudron. To install Cloudron first, follow our setup steps.
Mastodon Mastodon