Rumpus Changelog

What's new in Rumpus 9.0.5

Sep 30, 2021
  • Updated build process for M1 Macs.

New in Rumpus 9.0.4 (Jul 26, 2021)

  • When Rumpus is denied access to directory listings by the system a new Administrator Advisory warns admins about lack of full disk access. The "Download Page" file transfer option has been updated to use the HTML5 file download function, when supported by the browser. File listings in Tether are now sorted based on the default sort order for the Web interface, or alphabetically by default. The Let's Encrypt certificate generation function has been updated to report auto-renewal status and correctly set well- known folder permissions to more reliably complete validation.

New in Rumpus 9.0.3 (May 28, 2021)

  • Added Cookie Consent "Request Consent Using Separate Window" option, which removes the cookie consent message from the login box and prompts separately for the consent as needed. Corrected text display problems on the Let's Encrypt certificate management window, and others. Made code changes to address recently reported vulnerabilities, including CVE-2020-27574-6.

New in Rumpus 9.0.2 (Apr 22, 2021)

  • On application launch, Rumpus now checks to see if required libraries may need updating, and prompts to update them if necessary. Reduced SFTP message levels to prevent unnecessary error logging.

New in Rumpus 9.0.1 (Mar 30, 2021)

  • Improved error reporting in Let's Encrypt certificate function to clarify common issues when interacting with the Let's Encrypt service. Upload Center form field verification now works as expected. Added additional debug logging to help identify problem clients. Enabled Let's Encrypt automatic renewal service.

New in Rumpus 9.0 (Mar 18, 2021)

  • Updated Foundation:
  • Security and cryptographic libraries and protocols have been updated to current modern releases. This includes updating LibSSH to 0.9.X and OpenSSL to 1.1.1x, as well as corresponding updates to Rumpus functions and uses of these libraries.
  • Let's Encrypt Support:
  • Rumpus now includes the ability to directly interface with Let's Encrypt, a free, automated, and open certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG). The new function allows administrators to obtain a trusted certificate at no cost, and with relative ease.
  • User Account Self-Registration:
  • Rumpus' User Account Self Registration feature allows users to connect via Web browser and gain basic access to the server without an administrator having to create a user account for them. In other words, the feature allows you to send people to your server and automatically obtain a user account for uploading, downloading and managing files.
  • Administrative Console:
  • The new Admin Console provides a deeper, more functional look at your server. A "Processes" view displays the number of sessions and/or active connections for each individual service, as well as peak usage statistics administrators can use to optimize server setup. A new "SpamBots" view shows auto- detected flagged access attempts and streamlines IP-based service bans for easier and better performance and security management.
  • Cookie Consent Request:
  • For servers that accept data from clients in the European Union, Rumpus now supports a simple and configurable cookie consent function, satisfying the GDPR ePrivacy directive.
  • Web File Manager Updates:
  • We have continued to make improvements in the Web File Manager, both behind the scenes (often HTTP protocol updates to improve security and browser compatibility) and in the user interface.

New in Rumpus 8.2.14 (Jan 29, 2021)

  • Significant changes to the SFTP service have been implemented to improve stability and performance. Drop shipments sent via Tether by OD authenticated users are now more reliable.

New in Rumpus 8.2.13 (Jul 26, 2020)

  • Added a check and warning to help administrators set up Rumpus with "Full Disk Access" on OS X Catalina and later. Corrected a bug that caused drop ship file uploads from Tether clients to be mishandled for users authenticated via Open Directory. Added some localized text to the Spanish language Web interface.

New in Rumpus 8.2.12 (Jul 26, 2020)

  • Fixed a bug that caused some Tether drop ship pickups to fail. A security flaw that could potentially allow authenticated users to access data outside their normal scope has been corrected.

New in Rumpus 8.2.11 (Mar 1, 2020)

  • Corrected a low priority display and security issue in the Web interface.
  • Corrected a very rare potential FTP path reduction issue.
  • Updated Backup Assistant to support OS X 10.14 Mojave and later.
  • Users who do not have drop ship permission no longer see the “drop ship basket” option when baskets are enabled.

New in Rumpus 8.2.10 (Mar 1, 2020)

  • Minor internal changes to better align Rumpus versions across platforms.

New in Rumpus 8.2.9 (Dec 4, 2019)

  • Corrected a potential security flaw. All Rumpus administrators are encouraged to update.


New in Rumpus 8.2.8 (Sep 18, 2019)

  • Added "CSPHeader" config option to specify a Content-Security-Policy HTTP header. Added "SMTPMailIsUserSpecific" config option to cause mail to be sent "From" the SMTP account designated in Network Settings pref.

New in Rumpus 8.2.7 (Aug 22, 2019)

  • Corrected a problem displaying thumbnail images of files with a number sign (“#”) in the file name.
  • Corrected a problem with some drop shipment pickups that require a password. Files uploaded via Tether will now be deleted as expected when file expiration is enabled.
  • Corrected a problem that caused drop shipments sent via Tether by Open Directory authenticated users to fail.

New in Rumpus 8.2.6 (Jul 29, 2019)

  • Event Notice multi-line text boxes now have smart quotes disabled for improved script execution. A security issue related to e-mail address display has been corrected.

New in Rumpus 8.2.5 (Jun 24, 2019)

  • Added config option "SFTPAlwaysSendV3Status" to improve compatibility with certain out-of- compliance SFTP clients. Other minor tweaks and corrections.

New in Rumpus 8.2.4 (May 23, 2019)

  • Corrected a bug in the password auto-generator when the minimum password length is more than 16 characters. Significant updates to SFTP engine, including support for multiple simultaneously open files and folders. Modernized file upload options. Added support for folder uploads. Added the ability to create a public access folder for serving anonymous Web content.

New in Rumpus 8.2.3 (Apr 25, 2019)

  • HTTP session IDs are now randomly generated for improved server security. When the Web File Manager "Default Sort Order" is selected as an option other than "System Order", thumbnail directory listings are now sorted accordingly. Two experimental features have been added, a "public access" Web folder and Web folder uploads. Contact [email protected] for details on enabling these features with config file edits.


New in Rumpus 8.2.2 (Mar 29, 2019)

  • A bug which could cause the server to crash when the "Alias Resolution" mode is set to "None" has been corrected. Added an option to skip the lookup of Open Directory user account e-mail addresses. When "Prevent Clickjacking" is enabled, the Rumpus HTTP service now also includes an "X-XSS-Protection" response header. Fixed a potential SFTP crash that could occur on some systems. Updated Tether service to support new features of Tether 1.0.2. When a Web Admin "Default Options User Account" is selected that has admin privileges, a warning message is displayed informing the user about a potential security issue. Added "RedirectAllHostsTo" configuration option. Made basket menu items localizable. Corrected a javascript bug that caused incomplete or non-functional Web File Manager file listings on some mobile browsers.

New in Rumpus 8.2.1 (Mar 12, 2019)

  • SFTP key generation now works correctly on older versions of OS X back to 10.6. Simple text entry boxes in the control application no longer support rich text or full text editing. The Rumpus Self-Diagnostic test now checks for port availability for all services (HTTP, HTTPS, FTP, FTPS and SFTP). The “Start Server” configuration check now includes warnings to help avoid internal port conflicts.


New in Rumpus 8.2 (Feb 18, 2019)

  • Tether:
  • Rumpus Tether is a brand new client application designed specifically for in-house users of your Rumpus file transfer server. It replaces the previous companion applications FileWatch and Rumplet, as well as local uses for third party FTP/WebDAV client applications.
  • Using Tether, your local users (or remote users who also need dedicated server access) can view, upload, download, and manage files on the server, access files recently uploaded to their content area, and create and manage drop shipments. Tether's simple interface and Rumpus-optimized features are designed to improve workflow for your entire organization. While it is available as a separate download package, Rumpus 8.2 adds support for the Tether client application.
  • Two-Factor Authentication:
  • For years, Rumpus has supported username/password authentication. Supplying a password is one way ("factor") that users can confirm their identity when logging into your server. For increased security, a second factor can now also be required.
  • When two-factor authentication is enabled, users must supply a PIN ("Personal Identification Number"), in addition to their password. The PIN is sent by Rumpus automatically via e-mail, thus confirming the user's identity by proving that they have access to their known e-mail account, as well as knowledge of their password.
  • Convenience and Security Updates:
  • A variety of lesser changes and additions are included in Rumpus 8.2, including:
  • Improved client tracking for servers behind reverse-proxies.
  • Tracking of user mobile phone numbers (primarily in support of 2 factor authentication).
  • The ability to require password protection for drop shipped files.
  • Anti-robot support for Upload Center forms.
  • "Administrator Advisories" to warn administrators of potential problems.
  • Web file listing "key press auto-scroll".
  • Security improvements, including "clickjacking" prevention.
  • Updates to OpenSSL (1.0.2p) and LibSSH (0.7.7).
  • The "CipherListCustom" conf directive allows administrators to specify the exact TLS cipher list.


New in Rumpus 8.1.16 (Jul 11, 2018)

  • Minor efficiency tweaks in the HTTP engine.

New in Rumpus 8.1.15 (Feb 26, 2018)

  • Corrected a potential security issue in the WebDAV service.

New in Rumpus 8.1.14 (Jan 27, 2018)

  • Drop shipped baskets now correctly display the files when the pickup link is clicked. The Activity Detail window now displays the remote client IP address for SFTP sessions.

New in Rumpus 8.1.13 (Dec 23, 2017)

  • Minor internal bug fixes and optimizations.

New in Rumpus 8.1.12 (Dec 23, 2017)

  • Minor internal efficiency changes.

New in Rumpus 8.1.11 (Oct 30, 2017)

  • Added config option to select among SSL acceptance modes to analyze improvements in stability and performance. The default and recommended setting does not effect functionality.

New in Rumpus 8.1.10 (Oct 6, 2017)

  • Improved efficiency of SSL connection acceptance and improved CPU usage to eliminate bottlenecks during secure uploads and downloads.

New in Rumpus 8.1.9 (Sep 5, 2017)

  • SSL cipher lists are now correctly implemented through SSL reset.

New in Rumpus 8.1.8 (Jul 26, 2017)

  • A new Drop Ship feature, "Mobile users get simple link on download page", allows mobile device users to better access drop shipped files sent using the "Download Page" transfer style. The option to download "baskets" of files in a single operation has been added.

New in Rumpus 8.1.7 (Jun 24, 2017)

  • Added support for “well-known” folder in Rumpus config folder, which allows “well known location” support in the HTTP service. Upgraded Open SSL to version 1.0.2l. Added support for DH and ECDH key exchange in SSL sessions. Revised SSL configuration options so that DH parameter keys, SSL/TLS protocol support, cipher lists, and other SSL options are assigned logically based on a single administrator option, “SSL/TLS Security Mode”.

New in Rumpus 8.1.6 (Jun 24, 2017)

  • The Rumpus SFTP service now correctly checks the Allowed/Restricted File Types options and denies uploads accordingly, when that feature is enabled. The "Password Lookup" settings have been moved to the "Appearance -> Login Page" tab in the control application, so that the feature can be configured for individual domains on multi-domain servers. Added required remote admin functions to support the upcoming Rumpus Mobile Console app for iOS.

New in Rumpus 8.1.5 (Mar 23, 2017)

  • Corrected a UI bug that could cause options on the Drop Shipment “File Pickup Options” sheet to be incorrectly disabled. In the WFM, dialog boxes that are taller than the browser window are now scrollable. A bug that caused the content search function to return incomplete results in Thumbnail View has been corrected. Aliased folders can now be sent using the Drop Ship Folder function. Corrected a bug that could, in rare instances, cause the Rumpus service to crash when drop shipped files are picked up. Added config file option “serveWithoutAuthLooseMatching” which is similar to the new “Allow QuickTime Anonymous Downloads” feature, but loosens session matching to allow for other types of content to be served under the same conditions. Added the “IncludePWDTrailingSlash” config file directive that eliminates the trailing slash from PWD replies in FTP sessions.

New in Rumpus 8.1.3 (Feb 7, 2017)

  • In The Web File Manager, user account upload:download ratio restrictions are now applied to the multi- file download function. When a logout redirection URL has been specified, drop ship pickup pages no longer automatically redirect to that page. When Upload Center forms are used on the DropBox for anonymous uploads, the form’s width is now correctly applied to the upload box size. "Save As XML File" Event Notices now correctly encode XML entities in the saved file. Rumplet has also been updated (version 1.2) so that the password field may be left blank on the settings window, which avoids saving the user's Rumpus password in the settings file and causes Rumplet to prompt for the password each time it is launched.

New in Rumpus 8.1.2 (Dec 24, 2016)

  • When files are uploaded via the Web File Manager, leading slashes ("/") are removed from filenames,

New in Rumpus 8.1.1 (Nov 25, 2016)

  • The "Check For Updates" function now correctly reports that Rumpus 8.1 is up to date. Updated OpenSSL to version 1.0.2j, and added a display of the OpenSSL version to the Network Settings window, Secure Services tab, for administrator reference. Made minor changes to WebDAV processing to improve client compatibility. Added Arabic as an option for display in the Web interface. Corrected a rare tracking problem that could cause the download progress indicator to mis-represent status of a transfer. Corrected minor IP address and port lookup/display issues in the control application. The "Configure Basket Options" button is now presented correctly when File Actions are presented as tool icons. Fixed a WebDAV problem handling filenames with extended characters.

New in Rumpus 8.1 (Nov 25, 2016)

  • Security has been a major focus for this release of Rumpus, and version 8.1 offers several significant feature updates to keep your server safe, including:
  • OpenSSL has been upgraded from the release built into Mac OS X to an embedded build of OpenSSL 1.0.2. The update not only takes advantage of updates in the OpenSSL 1.0.X branch, but incorporates support for TLSv1.1 and TLSv1.2. Administrators can now optionally disable TLSv1.0, TLSv1.1 and SSL/TLS Compression. By default, Rumpus also supports an updated list of ciphers that maximizes compatibility with slightly-out-of-date clients while ensuring the highest practical level of encryption between client and server.
  • Users can now be required to change their passwords periodically, and password strength requirements can be enforced by Rumpus. Also, users logging in for the first time can be required to set a new password.
  • In the SFTP service, we've added the ability to use private/public key authentication, in addition to username/password authentication. It's a very handy feature for clients that need to regularly transfer files with maximum security. For details, see the article "SFTP" section of the Secure Transfers article in the download package.
  • On servers that require all Web users to connect securely (via HTTPS), HTTP Strict Transport Security can now be enabled.

New in Rumpus 8.0.21 (Oct 25, 2016)

  • Corrected compatibility issues with Mac OS X Sierra. Added the “Allow QuickTime Anonymous Downloads” option, which works around an iOS 10 Safari/QuickTime bug to allow videos to be displayed on effected devices. (Because this option allows anonymous access to data, even though only under very specific and controlled conditions, it is not recommended for use in high-security environments.)

New in Rumpus 8.0.20 (Oct 25, 2016)

  • Critical Update! This release fixes a serious security issue in the Rumpus SFTP service. All Rumpus 8.0 users are strongly encouraged to update to this release, especially those who have enabled the SFTP service.

New in Rumpus 8.0.19 (Jun 20, 2016)

  • If a Web user attempts to use Quick Image Preview for a file with a long name but no filename extension, the Rumpus control application no longer crashes. For videos displayed in the Content Wrapper page, the right-click (or control-click) action menu allowing the video to be locally saved has been disabled. The “Return To Listing” button is now the default action on the “Complete” dialog box so that it closes correctly when the return key is pressed.

New in Rumpus 8.0.18 (Mar 23, 2016)

  • Corrected an Upload Center form display bug that was introduced in 8.0.17.

New in Rumpus 8.0.17 (Mar 2, 2016)

  • The FTP command “PROT”, which sets the encryption state of FTP data connections, is now accepted before (as well as after) the user authenticates. SFTP session transcripts can now be disabled (by adding “SFTPRecordTranscripts NO” to the “Rumpus.conf” file). The “old-style upload only” page is now displayed with the correct width when an upload center form is used. Form widths are also now set correctly in the Drop Box uploader. Video files are now embedded with the more modern “video” tag for better compatibility with recent versions of Safari. When performing an FTP “LIST” operation on a single file with a name that is longer than 63 characters, Rumpus now returns the correct file entry.

New in Rumpus 8.0.16 (Mar 2, 2016)

  • Increased size of Upload Center forms that can be created and edited via Web administration.

New in Rumpus 8.0.15 (Dec 22, 2015)

  • Event notices with “Send One Notice” enabled are now correctly sent at the end of SFTP sessions. Folder Sets are now correctly enforced in SFTP sessions.

New in Rumpus 8.0.14 (Dec 22, 2015)

  • Instant access bookmarks created from user accounts with “Allow User To Move Out Of Home Folder” enabled now work properly.

New in Rumpus 8.0.12 (Dec 22, 2015)

  • Made a small change to SFTP handling of the EOF callback to improve SFTP client compatibility. When user account Home Folders are created for new Open Directory accounts, Rumpus now sets the folder owner and permissions correctly. When files are uploaded via SFTP, custom file ownership and permissions are now correctly applied.

New in Rumpus 8.0.11 (Sep 28, 2015)

  • To avoid out of memory conditions, file search hierarchy scope is now limited to a depth of 16 folders. Increased maximum number of active drop ship records to 10,000.


New in Rumpus 8.0.10 (Aug 20, 2015)

  • In File Request “Picked Up Notices”, the “” token can now be used to generate a path to the uploaded file that is correct for the user account used to send the request. The content search function now returns the correct results when a user performs a search in an aliased folder. Corrected display paths in file-contents search results. SFTP service directory listings now respect the Rumpus user setting “Show Invisible Files”.

New in Rumpus 8.0.9 (Jun 18, 2015)

  • The Event Notice "transfer type" token now correctly identifies transfers as having been made via SFTP or WebDAV. Corrected a problem returning directory listing responses to the new MLSD FTP command. Added configurable limits for user downloading of multiple files/folders. Fixed a bug related to locking/ unlocking config files in version 8. Corrected a bug in server reporting that could cause FileWatch to fail to display certain active FTP sessions. Updated Web admin Event Notice creation and management.


New in Rumpus 8.0.8 (Apr 30, 2015)

  • It is now possible to provide different SMTP usernames and passwords for different users when sending mail.
  • To specify a user-specific SMTP password, add a colon (“:”) and the password to the user’s e-mail address on the Define Users window, User Info tab.
  • SSL initialization now avoids making OpenSSL function calls with null data when a certificate problem is detected.
  • Zip archives generated as a result of folder or multi-file downloads are now capped at 500 files and 300 MB of raw data.
  • Added support in FTP service for “MLSD” directory listing command.
  • Video display in the Content Wrapper page now includes a “scale=aspect” attribute to ensure that videos play with the correct aspect ration on small displays.
  • Corrected 2 crashing issues in the control application related to the Folder Triggers sheet.

New in Rumpus 8.0.7 (Mar 21, 2015)

  • Added to SFTP implementation to improve compatibility with Cyberduck.
  • Corrected Web user admin behaviors for admin accounts with “Allow User To Move...” option enabled.
  • A problem with generating zip archives for multi-file downloads under Yosemite has been corrected, and a problem that caused an unnecessary delay when downloading multiple files has also been resolved.
  • Fixed a problem with Yosemite displaying test images when using the Thumbnail Generation test.
  • Modernized empty folder check to more reliably delete folders that contain invisible files.
  • In control application, removed display of thousands separators in numeric settings fields.
  • Corrected privileges issue in control app that could cause the Rumpus daemon to fail to start or stop as needed, among other privilege failures.

New in Rumpus 8.0.6 (Feb 21, 2015)

  • A bug that caused the cancel button to do nothing in drop ship dialogs for users who do not have file upload permission has been corrected.
  • Rumpus now correctly handles HTTP byte-range requests that do not specify an end to the range. (Corrects a problem with Google Chrome streaming video files.)
  • The privileged helper tool has been rewritten to resolve inconsistent installation issues on Yosemite Macs.

New in Rumpus 8.0.5 (Dec 13, 2014)

  • When SFTP clients check the status of files and folders that don't exist, Rumpus now returns the correct error code. (Solves a problem uploading folders through FileZilla.)
  • Rumpus SFTP now supports delayed compression, making it compatible with FTP clients that require it (Cyberduck, for example). The config- file feature "UseDefaultHostInDropShipURLs" has been reintroduced.
  • SFTP sessions are more gracefully terminated. (Rumpus now correctly supports the session-ending EOF packet.)
  • The Extra Action response message can now include Event Notice tokens.
  • Transcripts saved to ".tscpt" files now include the session ID and login time stamp.
  • The "Drop Ship File" option can be eliminated for users who can drop ship files by adding the directive "DropShipExistingFilesOnly YES" to the "Rumpus.conf" configuration file.
  • When authenticating via Open Directory, user account names can no longer begin or end with a space, avoiding a duplicate home folder creation problem.
  • Three choices of alias resolution are now supported: "None" disables aliases and increases overall file system performance.
  • "Classic" resolves traditional Mac OS aliases as created in Mac OS 10.9 and earlier.
  • "Modern" uses updated file system resolution functions for best compatibility with OS X Yosemite and later.
  • The length of left and right header text in the Web interface page header can now be up to 63 characters.
  • Certain pre-authenticated Web accesses no longer trigger the failed connection counter to avoid false positive hack attempt detections.

New in Rumpus 8.0.4 (Oct 23, 2014)

  • Clients caught in "session timeout limbo" are now logged out to avoid excessive timeout check requests.
  • The "Extra Action" can now be correctly configured when file/folder action options are displayed as tool icons.
  • Eliminated "Server Returned Error" dialog that could occur in special cases (like when a client computer goes to sleep during a WFM session).
  • Failed SFTP logins are now tracked more reliably, improving detection of SFTP spambots.
  • In WebDAV and SFTP sessions with Folder Sets applied, where a folder entry is not applied to it's sub-folders, the correct privileges are now enforced.
  • Rumpus 8.0.4 is fully compatible with OS X Yosemite.

New in Rumpus 8.0.3 (Aug 26, 2014)

  • Corrected a link problem on the "pre-login" message WFM page.
  • Corrected a bug deleting Folder Set entries that could cause the Rumpus control application to crash. When files are modified via WebDAV, FTP, FTPS or SFTP, WFM thumbnail images are now updated accordingly.
  • Thumbnails are now correctly displayed for files with apostrophes and other special characters in the name.
  • Welcome messages displayed to users who can only upload files are now presented and can be dismissed correctly.

New in Rumpus 8.0.2 (Jun 25, 2014)

  • Corrected the "Log In Again" link on the Logout page. Corrected a problem with the "Create New Folder" function in the "Define Users" Web administration interface.
  • User account names and passwords are now correctly limited to 31 characters in the Web admin interface.
  • Improved compatibility with iSkysoft Web browser plug-ins.
  • Rumpus now correctly clears quick image preview and meta-data files when files are deleted or replaced.
  • When a drop ship recipient accesses a drop ship URL that is password protected, and the user supplies an incorrect password, the page now reloads to prompt the user for the password again.
  • Corrected a "busy wait" (unnecessary CPU utilization) problem in SFTP service.
  • The maintenance update checker now links to the Maxum Downloads page rather than trying to merely update the daemon (or failing to connect to the updates server).
  • Corrected an MSIE 6/7 display bug that caused boxes to display half-off screen during drop ship file pickups.
  • If a "Logout URL" is specified (on the Web Settings window, Options tab), and a drop ship recipient picks up a file via the "Download Page" option, Rumpus will now display the "Complete" message, wait 5 seconds, and then redirect to the Logout URL supplied.
  • The Drop Box function now works correctly (with proper progress indicators) within a frameset served from another page.
  • The SFTP service now blocks clients denied access in the "Blocked Clients" list, and tracks failed login attempts in the Hack Attempt Recognition function.
  • Clients using Microsoft Internet Explorer versions 8 or before can now reliably pick up drop shipped files.
  • Added the "Drop Ship Pickup URL Prefix" option, allowing drop shipment URLs to be manually specified via server administration.
  • The "Drop Ship Selected Files" multi-action option is now available for users with drop ship capability in folders where a Folder Set disallows file uploads.

New in Rumpus 8.0.1 (May 21, 2014)

  • Altered XML file output so that when form field data is included in the upload, the corresponding fields are included within the "FileInfo" container. A few text strings which were always displayed in English are now localizable. Corrected a problem that caused a crash at login when the WFM language was set to German. Made minor adjustments to Web interface templates to clean up minor issues. Added config option to remove "Logout" button from WFM interface. Corrected a bug that could cause a crash in thumbnail directory listings when space allows for only 1 column. The correct login page is now sent to iPhone Web File Manager clients. Added an option ("Require At Least 1 File To Be Uploaded") to Drop Box settings, allowing drop box forms to be submitted without requiring users to select and files for upload. When applying an update from Rumpus 4-7 to version 8, the File Actions Setup Assistant now automatically opens, with descriptive information dialog box. Also, the File Actions Setup Assistant now also includes the option of using a "Simple Link" for the primary file link. Corrected a progress indicator display bug when a drop shipment completes. Added "Basic" debug log information providing client activity detail when too many connections force a service to block new user connections. Corrected a bug that caused the "ThumbnailFolderName" config option to fail to display thumbnail images, and added a field (on the Web Settings window, Advanced tab) to set the option in the Rumpus application. Added Secure Services options to disable SSLv3 and TLSv1 encryption types. (Note that use of TLS 1.1 and later requires OpenSSL 1.0.1g or later on the server Mac.) Improved SFTP service and compatibility with various SFTP clients, including Yummy and Forklift. Corrected a bug that caused the "Download This File" button on the Content Wrapper page to fail in some cases. When a user has neither "view directory" or "upload files" permissions in a folder, the upload form is now eliminated. (In 8.0, the upload form was present but non-functional.) Improved handling of special characters ("", "&" and "#") in WFM file and folder names. The "Save Data File" Event Notice type now appends new data to existing files, rather than replacing data from previous uploads or downloads.

New in Rumpus 8.0 (Apr 14, 2014)

  • Rebuilt Web File Manager:
  • The Rumpus Web File Manager (WFM) has been rebuilt from the ground up to be easier to use, more flexible, more efficient and include new features. Almost every element of the Web interface is now customizable right from within the Rumpus application.
  • File and folder menus are now completely customizable, and the same menus are displayed in both standard and thumbnail directory listing views.
  • Setup wizards allow administrators to quickly define color pallets and basic options, and then individually fine tune the display of dozens of different elements.
  • Action buttons can be displayed in different styles, with more fine tuning controls, and in different positions within the interface.
  • Progress indicators have been simplified and improved, and can now be displayed for file downloads as well as uploads.
  • The data required to deliver Web interface pages is up to 50% less than in past versions, while being presented in a more modern, cleaner style.
  • For Drop Ship users, the new Web interface includes a drop ship history, allowing senders to view past shipments and easily copy/paste previous URLs for resending.
  • Users can now move files between folders, without transferring them to and from the server.
  • Video files can be displayed in a branded display interface which includes a “Download Now” option for permanent retrieval of the file.
  • SFTP Service:
  • Rumpus now supports SFTP clients, in addition to HTTP, HTTPS, FTP, FTPS and WebDAV. User accounts and restrictions are applied just as they are in any other protocol. Just turn on SFTP service in Rumpus (a 10 second task) and your clients can use any standard SFTP client to transfer and manage files.
  • New Event Notices:
  • New Event Notice types can save text or XML files when users upload files. Handy for use along with Upload Center forms, this makes it easy to prompt users for information about uploaded files and record meta-data about uploaded files.
  • Auto-Complete Form Fields:
  • Administrators can now create lists, which can be used in form text fields as prompts for users during data entry. For example, you might create a list of all the e-mail addresses of people in your company, and assign it as an auto-complete list for an "e-mail" Upload Center field. Auto-complete lists can also be applied to File Request and Drop Ship mail fields, making it easier for local users to address messages sent by Rumpus.

New in Rumpus 7.2.16 (Nov 21, 2013)

  • Corrected a password encoding bug that occurred when changing the "Store Passwords" option.
  • An administrator option has been added to allow local users to connect to the WFM using standard HTTP, even when "Redirect All To HTTPS" is enabled. To enable this feature, open the Rumpus.conf file and add the line 'LocalSubnet "192.168.1."', replacing "192.168.1." with the subnet that should be allowed to access the server by standard HTTP. The option to allow users to change their password now works correctly when strong password encryption is enabled.
  • Corrected a problem that could cause, under rare circumstances, drop ship file "picked up" notices to be sent to the wrong e-mail address.

New in Rumpus 7.2.15 (Sep 25, 2013)

  • A problem saving files sent via FTP ASCII mode when clients fail to send proper CR/LF line ending pairs has been corrected. In WebDAV directory listings, Rumpus now returns an essentially empty first listing record to address compatibility issues with some WebDAV clients that expect it. Memory management has been improved and a potential buffer overrun problem has been corrected.

New in Rumpus 7.2.14 (Aug 8, 2013)

  • The Rumpus WebDAV service now supports byte range requests for file downloads, improving compatibility with some WebDAV clients (including the Mac OS X Finder).

New in Rumpus 7.2.13 (Jun 27, 2013)

  • Corrected MSIE extended character processing that caused problems in Web admin interface and Quick Image Preview display for Internet Explorer users.
  • Added "Login Page Logo" and "Listing Page Logo" options to Web server admin "Web Settings" administration page.
  • When creating a new Upload Center form by duplicating an existing form, the selected form is now correctly used as the basis for the new form.
  • When the Web admin interface is used to select a new Transient Data Storage Folder, the needed sub-folders are now automatically created.
  • WebDAV sessions now have a confirmation cookie set, avoiding problems related to basic authentication.
  • Corrected a problem saving changes to user accounts via Web administration when the user account name is very long.
  • When the "Allow Non-Empty Folder Deletion" option is enabled for the default WFM domain, FTP clients can also delete folders even when they are not empty.

New in Rumpus 7.2.12 (Apr 20, 2013)

  • When the Rumpus control application is run remotely, the "Web Settings" window "Open WFM In Web Browser" function now opens the WFM using the remote server address, rather than the local host address.
  • A problem drop shipping files that already exist on the server and that have percent signs in the filename has been corrected.
  • Added a config file option ("AdminHomeFolderFromDefault YES") that causes Rumpus to create new user account home folders in the default user account home folder, rather than the administrator's home folder, when using the Web admin account management function.
  • Special characters (such as "&", "#", etc.) can now be used in drop ship pickup passwords.
  • In the Web File Manager, when the content wrapper page is used to display a video file, and the file exists in the content area (meaning that for drop shipped files, the drop ship link was sent for a file that already exists on the server), Rumpus will now automatically scale playback to the native size of the video.
  • Corrected a problem completing drop box uploads when Rumpus is configured to allow or deny specified file types.
  • Fixed a bug that interfered with multi-file downloads when drop ship upload center forms are used.
  • Corrected a problem that could cause the drop ship "downloaded" count to be reset to 0.
  • Sub- administrators with a home folder of "root" can now view and manage user accounts with "root" home folders.
  • When zip archives are created, a minor bug that caused the zip utility to issue a warning has been corrected, and before a drop ship temporary folder is deleted, a check confirms that it is within the drop files folder.
  • Corrected a bug which, in rare cases, could cause WFM end user messages to fail to be displayed.
  • The Web administration "create user" function now allows special characters in user account passwords.
  • A problem processing returns in "Upload Complete" messages has been corrected.

New in Rumpus 7.2.11 (Feb 16, 2013)

  • In the process of updating Rumpus to a new version, the background textures selected for display in the Web interface are now correctly preserved.
  • A problem triggering the upload event notice for drop box uploads has been corrected.
  • Web user account administration now works correctly for Open Directory authenticated administrators.
  • When a folder is drop shipped, the "Rumpus_Thumbs" folder is now automatically excluded from the zip archive.
  • Cleaned up javascript error checking in multi-file actions.
  • A problem that could invalidate drop shipments sent for files that already exist on the server has been corrected.

New in Rumpus 7.2.10 (Jan 16, 2013)

  • When Rumplet users, authenticated via Open Directory, drop ship files, the "picked up" notice is now sent to the sender's directory-specified e-mail address.
  • When Rumpus serves files for saving to the client computer, it now includes an explicit "filename" in the HTTP "content-disposition" header field, improving MSIE download behavior for certain types of files.
  • A bug introduced in version 7.2.9 that could cause Web file uploads to fail to trigger associated Event Notices has been corrected.

New in Rumpus 7.2.9 (Jan 11, 2013)

  • Corrected a problem in Web user account home folder selection handling folder names that contain special characters.
  • Session activity tracking for Web users has been improved, including ensuring that sessions don't time out during zip archiving of multi-file drop shipments.
  • Added an option to disallow drop shipping folders when the "Include Drop Ship Link" option is enabled to allow drop shipping of files already on the server. (To prevent users from drop shipping entire folders in this case, add the line "AllowLocalFolderDropShips NO" to the "Rumpus.conf" file.)
  • Corrected a bug related to the use of very long domain names. Corrected a control application bug related to selecting header images as the "small logo" and "iPhone logo".
  • Corrected a WFM problem performing file operations on files that include a percent sign in the name.
  • The server daemon nightly restart function will now delay the restart when there are active user sessions in progress.
  • Added dedicated drop box function.
  • Improved drop ship reliability, especially in high-volume environments.
  • Added "Popular Features Setup Assistant" to simplify enabling popular features like drop box, drop shipping and thumbnail views.

New in Rumpus 7.2.8 (Nov 13, 2012)

  • Corrected a problem displaying Web admin help pages.
  • Added drop shipment and file request history logs.
  • Added new "Drop Shipping" and "Managing Your Server Via Web Browser" help articles. Added Web server admin function for managing Folder Sets.
  • Corrected bugs and made improvements to Web- based user account administration. Corrected a bug that could cause inconsistent default values to be applied to new user accounts created via Web admin.
  • Corrected a Rumplet problem opening mail applications to create new messages that include some special characters in the text of the message body.

New in Rumpus 7.2.7 (Oct 5, 2012)

  • Added a warning to the "Load Private Key" function to confirm that an existing private key is intentionally being overwritten.
  • The "Zip Compress" option in the Drag & Drop java applet is now always disabled.
  • The "Default View" thumbnail display option in the Web interface is now always correctly applied based on the appropriate WFM Domain.
  • QuickTime videos shown in Content-Wrapper pages and Quick Image Preview are now set for display in "Kiosk Mode", preventing users from casually saving videos from the display window.
  • Rumplet and FileWatch have been updated so that the drop ship function now supports the "" token, which has the same function as the token when used via Web-based drop shipping.
  • FileWatch now includes an option to put the drop ship message on the clipboard, rather than always sending an e-mail message.
  • Rumplet now includes an option the automatically open a new mail message in OS X Mail, Outlook or Entourage with the drop ship message as the new message body.
  • Rumpus now performs "full path correction" when files are uploaded from any version of MSIE, including IE 9.
  • When multiple files are uploaded via the HTML5 upload option, shell and AppleScript Event Notices are now processed with the correct path of the uploaded file.
  • Substantial additions and updates have been made to the Web-based server administration function, including a new detailed help system.
  • Administrators using Web-based user account management can now use a folder selection box to assign Home Folders, rather than typing the folder path manually.

New in Rumpus 7.2.6 (Aug 24, 2012)

  • When the "Hide Files Until Upload Completes" option is enabled, FTP uploads sent using MacBinary encoding are not hidden to avoid problems related to file naming.
  • Added "Secure Encryption" option for local storage of user account passwords.
  • A bug has been corrected that caused a corrupt drop ship file to be sent when drop shipping an entire folder or multiple files when the folder or files is in an aliased folder.
  • Moved "Uploaded File Ownership & Permissions" options to Preferences tab of Network Settings window (from "Advanced Prefs") to be more visible and accessible.
  • Corrected a bug that caused unnecessary duplicate entries to be added to the "Rumpus.uploads" database (used to delete files after an expiration date).
  • A bug which caused incorrect reporting of HTML 5 drag & drop uploaded files in the transfers log has been corrected.
  • When a WFM user doesn't have upload permission, the HTML 5 drop zone is no longer enabled.
  • When the "Delete Expired Files" option is in use, a problem deleting expired files after upgrading from older versions of Rumpus has been corrected.

New in Rumpus 7.2.5 (Aug 11, 2012)

  • Added an "expose password" button on the Define Users window allowing server administrators to view user passwords if needed. Added a password generation function which can be used to assign strong passwords. When multiple file actions are enabled, the "select/deselect all" button has been moved to the file listing title bar at the top of the list, from the bottom right corner of the listing. When multiple file actions are enabled, and users can drop ship files on the server, users can now drop ship multiple files in one package. Drop shipping entire folders that already exist on the server is now supported. The "Hide Uploads Until Complete" WFM option (on the Web Settings window "Options" tab) now applies to FTP as well as WFM uploads. Full path names sent for file uploads from MSIE 8 and before are now more reliably corrected so that the filename is accurately reproduced on the server. Basic server statistics (completed logins, bytes transferred, etc.) are now always correctly initialized at server startup time. Revised "Get Connected" help sheet, and the Setup Assistant now ends with that sheet to explain to new users how to proceed.

New in Rumpus 7.2.4 (Jul 25, 2012)

  • A problem that caused Microsoft Internet Explorer 8 Web-based user account management to generate an error when the "Edit Account" button is clicked has been corrected.
  • When the Rumpus control application is run remotely, Upload Center form data is now correctly loaded, allowing remote control users to manage and assign Upload Center forms.
  • Corrected a year-offset problem in the FTP "MDTM" command response.
  • When responding to the FTP "SIZE" command, Rumpus now sends only the byte count, without a "bytes" label.
  • In the WebDAV service, Rumpus now sends the last modification date of files in the correct format.
  • Revised the version update function. The upgrade information has been clarified, and the option to update only the Rumpus daemon has been removed when performing major feature updates.

New in Rumpus 7.2.3 (Jul 6, 2012)

  • When any service (FTP, FTPS, HTTP or HTTPS) reaches the maximum number of allowed simultaneous connections, and additional connection attempts are received, a warning message in now recorded in the Error log.
  • Corrected a bug that could cause some files uploaded through older Windows browsers to be stored with the full file path from the client, rather than just the filename.
  • Corrected a WebDAV bug related to minimizing SpotLight indexing by remote clients.
  • Fixed a bug that could cause crashing of the Rumpus control application in rare cases.
  • When Web user account administration is enabled, Open Directory users who have been granted administrator privileges can now manage user accounts.
  • Corrected a problem converting UTC and Epoch times to correct time/date display bugs.
  • When the "Always Prompt For Login" WFM option is disabled, and users send File Requests, the file upload form is now correctly displayed when guests access the file request URL. Administrative "new user account" Event Notices are now triggered.
  • New user folders automatically created by Rumpus via Web user administration are now set with ownership and permissions as defined on the Advanced Preferences sheet of the Network Settings window.
  • The Rumpus application is now signed with Maxum’s Apple developer certificate.

New in Rumpus 7.2.2 (Jun 19, 2012)

  • Fixed a bug that could cause a crash when uploading many files with Folder Triggers defined.
  • Corrected a problem that could, in rare cases, cause the first character of an Event Notice to be repeated when the notice is sent.
  • Made needed Growl notification changes for Growl 1.4 compatibility.
  • Administrative users who are allowed to manage user accounts no longer need to have full server admin privileges in order to send e-mail to end users via the Web interface.
  • Added additional error detection to Web interface progress indicator.
  • Corrected minor javascript errors and removed unused legacy scripts.
  • Improved clarity of error messages in some cases of Web upload failures.

New in Rumpus 7.2.1 (Jun 12, 2012)

  • Corrected a bug that caused the Drop Ship "Transfer Style" option to not be displayed to senders using the Web interface.
  • Updated a number of server-reference URLs in the Web interface for simplicity and correct function in reverse-proxy situations.
  • Corrected a WFM domain import bug so that all drop ship options are properly preserved when upgrading from Rumpus 7.1.9 and earlier.
  • Increased the size of the user account list that can be managed in the Web user management interface.
  • The "Please first select a file for upload" Web interface message is now localized into the selected language.
  • Corrected a problem that could cause an application crash when importing very old Upload Center form definitions.

New in Rumpus 7.2 (May 31, 2012)

  • Drag & Drop File Uploads - Files can now be uploaded simply by dragging them from desktop into the Rumpus Web interface. The new drag & drop upload function takes advantage of HTML5 (supported in current versions of Safari, FireFox and Chrome) to make transferring files via Rumpus faster and easier than ever before.
  • Expanded Drop Shipping and File Requests - Drop Shipping, introduced in recent releases of Rumpus, has proven to be very popular, so we’ve enhanced this new function even more. Files sent via Drop Shipping can now be password protected, multiple files can be sent at once (thanks to drag & drop upload selection of files), the file pickup interface can be easily customized, and file senders can have “picked up” notifications sent to anyone. File Requests have also be improved, with the simplicity of drag & drop transfers and the ability to reuse file request URLs.
  • Improved Open Directory User Authentication - Open Directory support in Rumpus has been completely rewritten to be both more efficient and more reliable. Open Directory groups can now be used to control access and user privileges within Rumpus.
  • Instant Access Bookmarks - Similar to Drop Shipping and File Requests, it's now possible to generate a URL that instantly starts a full Rumpus session. For servers where data security isn't crucial, users can make a bookmark to your site that gives them instant access with a single click.
  • Full Web-Based Remote Server Management - Almost every option available to a Rumpus server administrator can now be controlled remotely via Web browser using the new “Server Setup” Web administration function. Web administration includes full monitoring and management of active user sessions, recently transferred files, and Drop Shipments and File Requests.
  • Other Updates:
  • New Upload Center display options offer more customization options for creating end-user data entry forms.
  • The content wrapper display has been improved and can be optimized for different file types, allowing video files, images and other content to be shown within a customized interface.
  • The default “Modern” Web interface can now include a second, smaller logo for a more custom look to the server.
  • When the multi-file delete/download option is enabled, a button now allows users to select/deselect all files in a listing.
  • Various minor bugs have been corrected.

New in Rumpus 7.1.9 (May 29, 2012)

  • By default, Rumpus no longer allows the renaming of aliased folders/files. To allow alias renaming (which is not recommended but was the behavior in 7.1.8 and before), enable the "Allow Users To Delete And Rename Aliases" option on the Advanced Preferences sheet of the Network Settings window. Corrected a problem in the file search function which could, in rare cases, cause Rumpus to crash. Corrected a color display problem on the login page of the default Web interface. Added note sheet to display messages from Maxum at Rumpus application startup.

New in Rumpus 7.1.8 (Mar 24, 2012)

  • Corrected a problem that caused user accounts with spaces in the name to fail to connect via Rumplet.
  • Corrected a memory leak in the Rumpus control application that occurred when generating thumbnail images.
  • Added Rumplet for Windows to the Rumpus package.

New in Rumpus 7.1.7 (Mar 7, 2012)

  • Rumplet can now be used by people logging in via Open Directory authentication.
  • The maximum size of a single form variable processed in an Event Notice has been increased to 4000 characters.
  • The "Last Access" time for user accounts (as shown on the History tab of the Define Users window) is now displayed in a common format, including year, although user accesses made prior to updating Rumpus 7.1.7 will still be shown in the old format (which was based on the date format selected on the Web Settings window).
  • Improved support for resumed file uploads for files over 2 GB.

New in Rumpus 7.1.6 (Jan 19, 2012)

  • Added Rumplet 1.0, the desktop Drop Ship applet, to the Rumpus package.
  • Rumpus now executes shell script event notices more reliably.
  • When using the iPhone app to view user accounts, user account names that include "&" and "

New in Rumpus 7.1.5 (Dec 23, 2011)

  • Corrects a bug that causes Web interface folder downloads to fail when using the "Boxes" appearance.
  • When the "Always Prompt For Login" option is disabled, the URL returned in the HTTP redirect that establishes the session will now include query arguments sent in the initial request.
  • When the Web interface file upload progress indicator is displayed, long filenames are now truncated so that they don't extend beyond the edge of the progress dialog.
  • Corrected the tool tip text for the "Delete Expired Files" field on the Define Users window.
  • Added "EncodeSearchResultNames" config file option to have filenames in search results unencoded (implemented for better handling of Korean filenames).
  • When a possible hack attempt is detected in an HTTP session, triggering the client IP address to be added to the blocked clients list, and the HTTP connection is persistent, the connection is now dropped, reducing the possibility that malicious clients can make numerous login attempts on a single connection.
  • Growl notifications now use the GNTP growl interface, when available, for compatibility with Growl 1.3 and later.
  • Adds support for full drop ship reporting via Rumplet (coming soon).

New in Rumpus 7.1.4 (Nov 12, 2011)

  • On the "Blocked Clients" window, buttons have been added to allow for sorting and normalization of IP addresses in both the blocked and allowed lists.
  • When the FTP Root folder is changed, Rumpus will now offer to automatically update user Home Folders accordingly.
  • The "UseDefaultHostInDropShipURLs NO" configuration option now applies to both Drop Ship URLs and File Request URLs.
  • The "find files" option now works more reliably when search terms include non-ASCII characters.
  • A bug has been corrected that could cause a server crash in rare cases where File Requests are used to upload files.
  • The new Multi-File Selection upload function is now also applied to File Request uploads.
  • Added support for desktop drop shipping.

New in Rumpus 7.1.3 (Oct 6, 2011)

  • The "multi-file selection" file upload option is now enabled by default, and a few minor changes have been made to improve the multi-file help message display (including localization of the message into most supported languages).
  • Drop ship and file request notices now include the guest user's e-mail address (when the "" token is included in the message body).
  • Corrected a rare bug that could cause the selected Open Directory definition account to fail to save to the configuration file.

New in Rumpus 7.1.2 (Sep 23, 2011)

  • Improved Open Directory failed user lookup error reporting.
  • SMTP errors that occur when sending a drop ship or file request e-mail message are now correctly reported in the Web File Manager.

New in Rumpus 7.1.1 (Sep 23, 2011)

  • FTP file downloads with restricted speeds greater than 640 KBps are now processed at the full allowed transfer rate.
  • When files that already exist on the server are drop shipped, the e-mail now includes the correct file size in place of the "FILE_SIZE" token.
  • A bug that could cause remote Web account administration to be incorrectly disabled when certain Web settings options are changed has been corrected.
  • When a file request is issued by a Rumpus user authenticated via Open Directory, the "file picked up" notice is now correctly addressed to that user's e-mail address, as retrieved from the directory server.
  • Corrected a bug that caused file-direct URLs to fail to deliver the correct file after login.
  • When folders are dragged into the thumbnail display window to be marked for thumbnail view in the Web interface, Rumpus now provides an option to automatically also mark all sub-folders within the dragged folder.
  • Multi-file file upload selection is now supported in browsers that support it, including current releases of Safari, FireFox and Chrome.

New in Rumpus 7.1.0 (Jul 20, 2011)

  • Quick Image Preview:
  • Images and video files can now be displayed with a more integrated interface in the Rumpus Web File Manager. Essentially, for servers or individual folders which include primarily image or video files, Quick Image Preview (QIP) provides a simplified, streamlined appearance for review and access of those files.
  • iOS Mobile App Support:
  • Rumpus 7.1 includes support for monitoring and basic management using a new iPhone app. The Rumpus app will be available on the iTunes store soon.
  • WFM Login & Logout Improvements:
  • A new "remember me on this computer" option is now built into Rumpus, as is improved automatic session expiration with countdown timer. Other refinements and updates have also been made, including improved support for user-selectable appearance or interface language.
  • Other Updates:
  • Compatibility has been improved with a variety of iOS applications which support WebDAV file exchange.
  • Files larger than 2GB can now be uploaded via the Web File Manager, from browsers that also support large file uploads (notably, recent versions of Chrome and Safari).
  • FileWatch can now send drop ship e-mails through Outlook, as well as directly or through OS X Mail.
  • Folders can now be marked for thumbnail display and have thumbnail images pre-generated by dragging folders into the Rumpus control application.
  • Message bodies are now included for new user, user login, and user logout administrator notices.
  • Duplicate event notice e-mails are now suppressed to avoid excessive messages sent when clients perform multiple downloads of a single file (such as iPhone video playback and Finder WebDAV sessions).
  • An option has been added which prevents users from deleting aliases on the server, so that the administrator can create links to content folders which can't be inadvertently deleted by end users.
  • When a user who does not have "delete/overwrite" privileges uploads a file with the same name as one that already exists, the file can now be accepted and saved with a unique filename.
  • Drop ship e-mail messages can now automatically include the original file name, file size, and drop ship ID.

New in Rumpus 7.0.6 (May 25, 2011)

  • Rumpus now sends the correct HTTP header on secure connections so that older versions of MSIE can correctly process download files of all types.
  • A display bug that could cause confusion when the Event Notices Folder Trigger sheet is re-opened has been corrected.
  • A problem that could cause normal clients to be incorrectly added to the blocked clients list due to a rare progress indicator update issue has been corrected.
  • Event Notices triggered by Web File Manager file uploads that are interrupted before the transfer completes are now suppressed.
  • Improved the efficiency of the login page processing.

New in Rumpus 7.0 (Dec 13, 2010)

  • Administrator Notices - New administrator notification messages can be sent when new users are created via Web administration, when users log in or out, or when disk space begins to run low. Management of administration notices has been centralized on the “Event Notices” window to simplify setup.
  • Built-In SSL - Secure services are now provided within the Rumpus server engine, making Stunnel installation unnecessary. This change simplifies setup, makes HTTPS and FTPS service more robust, improves client tracking, and adds FTPS via TLS/SSL service.
  • Web File Manager - The “Modern” Web interface is now the Rumpus default appearance, and all WFM appearances have been revised and improved. For example, additional user feedback during long operations is provided, and other feedback messages are more responsive. Also, the file upload progress indicator now correctly appears within the upload page, rather than the pop-up window used in previous releases. Drag and Drop uploads are supported in FireFox 3.6, allowing users to drop files right from their desktop into the Rumpus file listing to upload. Finally, a new “Text Only” WFM appearance is now offered, improving accessibility for Rumpus servers.
  • Drop Ship & File Request Improvements:
  • Numerous improvements to guest transfer services have been made, including:
  • The "Activity" window now includes "Drop Shipments" and "File Requests" lists, allowing administrators to view pending guest transfers, and delete them if needed.
  • A number of minor bugs related to drop shipping from FileWatch and the Rumpus control application have been corrected.
  • The Web-based drop ship interface has been improved, and the drop ship URL expiration is now displayed when a file is sent.
  • Senders can also now generate a drop ship URL without sending an e-mail, so that unique file access URLs can be easily created for any method of distribution.
  • Drop ship URLs can now be set to remain valid for longer periods of time, or to never expire at all, and file request expiration can now be specified by the server administrator.
  • Control Application Changes - The Rumpus control application has been reorganized to make initial setup and ongoing management easier, with important server settings easier to find. The new "Network Settings" window includes several configuration items previously found in confusing and illogical places in the interface. Other options, including "Address To Serve On" and router compatibility settings have been simplified.
  • Open Directory Integration - Rumpus' Open Directory authentication function has been significantly updated. Directory services groups are now available, allowing different users to be granted different privileges and be assigned other unique settings in Rumpus. Also, user e-mail addresses are now pulled from the directory server, allowing users to take advantage of the Rumpus Drop Shipping and File Request functions.
  • Folder Triggers - Event Notices can now be executed based on activity in specific folders. For example, when a local users uploads a file into some other user's content folder, Rumpus can now be set to send an e-mail to that person, or take other action.
  • Other New Features & Important Bug Fixes:
  • The basic FTP service can now be disabled.
  • Field labels in the Rumpus control application are now more consistent for improved accessibility.
  • When performing a version update, WFM template updates are now applied to all domains.
  • Several bugs have been corrected to make remote administration more reliable.
  • An option to hide Web file uploads until the entire transfer is complete has been added.

New in Rumpus 6.2.10 (Jul 20, 2010)

  • A logging bug that could cause junk text to be included in the error log has been corrected.
  • In the Web File Manager, files accessed through aliases can now be reliably renamed.
  • The WFM interface has been updated for iPad access to improve scrolling in long file listings.
  • The WFM file/folder rename function now works correctly when the upload/make folder privilege is assigned via Folder Set.
  • WebDAV users logged in through user accounts with a specific configuration of folder set
  • permissions are now blocked from deleting the folder specified in the folder set (reflecting the same behavior applied to Web and FTP users).
  • The Drag & Drop Uploader applet as been updated with a new code signing certificate.

New in Rumpus 6.2.9 (Jun 19, 2010)

  • Additional security checks have been added to several WFM admin functions (remove user, view and edit user, etc.) to prevent one Rumpus administrator from working with a user account that falls outside their Home Folder.
  • When the Web admin "Create User" function fails (due to a duplicate account name, for example), the existing matching user account is no longer automatically selected and displayed.
  • Rumpus now responds to the "OPTS UTF8 ON" command with an "OK" message, avoiding warning messages in FireFTP and possibly other FTP clients.
  • When sending TLS encrypted mail, Rumpus now sends an additional greeting after starting TLS, for compatibility with the MS Exchange SMTP service.
  • A rare case where the File Request form, used with the Drag & Drop applet, would not function correctly has been fixed.
  • Drop shipments now work correctly when the sender sends the file from an aliased folder.
  • When WFM file actions are displayed as a pop-up menu, the "Send File Link" menu item is now correctly displayed as an option.

New in Rumpus 6.2.8 (May 19, 2010)

  • Added FTP control/data coordination checks to avoid problems dealing with mis-behaved FTP clients.
  • When the Drag & Drop applet is used to fill a File Request, the default "Upload Complete" message is now displayed if the File Request "Upload Complete" message is left blank.
  • Removed the "Detailed Help" text and link from the help box in a couple of languages that incorrectly included it.
  • Clicking the "reset" button next to the "Rotating Ports" option on the Advanced tab of the FTP Settings window now corrects disables the option.
  • A problem updating the files list on the "Active Users" window (and in FileWatch) has been corrected.
  • SMTP usernames and passwords can now be up to 60 characters (up from 31).
  • The Drop Ship "Begin Upload" button has been changed to "Send File" so that it makes sense when sending files already on the server, as well as those that first need to be uploaded.

New in Rumpus 6.2.7 (Apr 15, 2010)

  • Increased the buffer size for various Web interface elements, including the iPhone folder selection menu.
  • "Extra" action and file request WFM dialogs are now always opened with the correct width, as specified on the Upload Center form.
  • An "Extra" function that uses an Upload Center form with required fields is now correctly validated before the form can be submitted by the user.
  • Drop shipped files can now be set to expire after up to 3 months.
  • E-mails sent by Rumpus now include a "Reply-To" address.
  • A bug that caused drop ship files sent via FileWatch to specific end user accounts, with
  • "require login" enabled, to prematurely be reported as "expired" has been corrected.
  • The file transfers log is now properly rolled with the other logs, when log rolling is enabled.
  • Error checking has been improved for delivery of drop ship files.
  • The drop shipment database is now correctly periodically saved to avoid data loss in the event of a daemon crash.
  • A bug that could cause file requests to expire prematurely has been corrected.

New in Rumpus 6.2.6 (Apr 15, 2010)

  • Added "Drop Ship" and "File Request" privileges to user account options in the Web administration interface.
  • Corrected a bug that could cause the wrong alternate appearance to be displayed for user accounts managed via Web administration.
  • Added SSL CSR generation function to the certificate generation function.
  • SSL Keys generated by Rumpus (both self-signed and CSRs) are now 2048 bits in length.
  • The subject field of e-mail messages sent by Rumpus now uses the encoded-word syntax when the subject contains extended characters.
  • Added check to ensure Mac is running OS X 10.4.6 or later.
  • Users can now correctly rename and delete aliased folders (the alias is now processed, instead of the folder to which the alias points).

New in Rumpus 6.2.5 (Feb 23, 2010)

  • Corrected a problem that could cause a server daemon crash in rare occasions.
  • Improved efficiency of multiple file download zip archiving process to avoid a problem consuming system file handles.
  • Upload Notices with names that contain extended characters can now be deleted correctly.
  • Corrected a problem in the iPhone interface that prevented users from moving down into sub-folders when the "View Files" privilege is disabled for the account.
  • Increased the maximum size of field data submitted via Web forms (to 2k).

New in Rumpus 6.2.4 (Feb 12, 2010)

  • Added the WFM interface token "" to allow the current user's e-mail address to be displayed or used in a WFM page.
  • When an Upload Center form is displayed for a File Request upload, the form is now displayed with the correct width.
  • Added encoding so that filenames that include the '#' character are processed by javascripts correctly.
  • Corrected a very rare problem that could cause certain custom event notice bodies to include extra garbage text in the e-mail message when sent.
  • Corrected a problem that could cause Drop Ship files to be prematurely expired.
  • When a users uploads a file for drop shipping, the regular upload notice specified for their account is no longer triggered.

New in Rumpus 6.2.3 (Jan 7, 2010)

  • Multiple files can now be sent for a file request when the Drag & Drop applet is used.
  • A security bug that could permit guest users to escalate requests to the parent user's permission level has been corrected.
  • Streamlined "Action Menu" HTML to produce smaller directory listing pages.
  • The file search response listing now displays the full path to the found file, relative to the user's current folder, in addition to the file name.

New in Rumpus 6.2.2 (Dec 26, 2009)

  • Added an option to allow files already on the server to be drop shipped without being re-uploaded.
  • Files can now be served in content wrapper pages selectively, based on file type. If the "WFM.
  • Download" field is specified for a file type, files of that type are served using the wrapper page, instead of the simple standard link.
  • Changed the trailing character of drop ship URLs from an underscore to an "R" to avoid a URL truncation problem in Windows Mail.
  • Rumpus now blocks WebDAV functions more reliably for user accounts with WebDAV disabled but standard Web access enabled.
  • The "Reset User History" function (on the Define Users window) now works correctly for usernames that include spaces.
  • Addressed an obscure MacBinary file naming issue.
  • URLs sent in Drop Ship e-mails (using the Web-based Drop Ship function) now always point to the server address set as the default hostname, instead of the hostname used by the sender to connect.
  • Added consistency checks to several internal databases to automatically clean up file corruption problems.

New in Rumpus 6.2 (Nov 30, 2009)

  • File Name and Content Search - Web users can now perform text searches to find files by name or content. Powered by the SpotLight search engine running on the server, search results are restricted to each user's content area and the folder in which the search is performed, maintaining server security and making it easy for users to control the scope of their queries.
  • Growl Notifications - Rumpus now supports Growl, the popular notification system for OS X. All Rumpus notices, including file uploads, downloads, and administrator events can be directed to Growl notifications for simple, quick and unintrusive display, even across a network or to an iPhone (with the use of a 3rd party iPhone app).
  • iPhone Optimized Web Interface - While many file management tasks, such as uploading files, don't make sense for mobile users, viewing server content using an iPhone is increasingly common. Rumpus 6.2 includes a new, simplified, iPhone-specific interface optimized for viewing media files on the go.
  • New Web Appearance Options - An entirely new WFM template set, called "Modern", has been added, offering an optional sleek new look to the Rumpus Web File Manager. All Rumpus appearances can also make use of new background fades and patterns, and display simplified file listings with pop-up menu file actions.
  • Automatic Drop Shipping - When a file is drop shipped, an e-mail which contains an automatic file download link is sent to a recipient, allowing large files to be transferred reliably. Rumpus 6.2 offers a built-in drop ship function which allows known Rumpus users to quickly and easily drop ship files to anyone on the Internet.
  • Guest Uploads By Request - Maxum has also added what can best be described as "reverse drop shipping", which we call "File Requests". Using a File Request, any Rumpus user can allow anyone, anywhere on the Internet to send a file simply by clicking a single-use file transfer link in an e-mail message. Files uploaded by guests are delivered to the Rumpus user's content folder, and the Rumpus user is notified the moment the file has arrived.
  • Other New Features:
  • Rumpus now supports e-mail encryption, allowing Event Notices to send mail through GMail and other mail services that require secure connections.
  • File type restrictions specified for WFM settings are now also applied to FTP transfers.
  • Chinese WFM translations (both Simplified and Traditional) have been added.
  • FileWatch has been updated to allow outbound e-mail to be sent via OS X mail, allowing users to take advantage of full mail features when drop shipping files.
  • An action pop-up menu can now be activated for entire rows of the WFM file listing.

New in Rumpus 6.1.3 (Oct 29, 2009)

  • Corrected a problem that caused certain types of drop shipments sent via FileWatch to fail.
  • The drop boxes (blind uploads) in the "Boxes" appearance now work correctly.
  • URL sanitization (encoding of potentially troublesome characters sent in URLs) has been extended to include a few extra characters.
  • Use of HTTP basic authentication is now disabled in all cases.

New in Rumpus 6.1.2 (Sep 16, 2009)

  • The Active Users window now correctly defaults to the first tab.
  • The "Insert Token" function on AppleScript and Shell Script notices now always works correctly.
  • The thumbnail generation status window now opens properly.
  • Rumpus now installs and runs properly on case-sensitive file systems.
  • Corrected a bug which could cause compatibility issues with older WFM template sets.
  • Folders marked for thumbnail display can now be deleted as usual when empty. (The thumbnail cache folder caused the folder to be considered not empty.)
  • Corrected modal dialog operation on the Web-based user management pages in the Boxes appearance.
  • Added "UTF8" to the FTP "features" list to improve character encoding compatibility with clients that recognize it.
  • Added validity check to "Create Domain" function to prevent invalid domain creation.
  • Added "GMTOffsetHours" config file directive which allows the local time zone to be over-ridden with a specific time offset.
  • The WFM is now correctly enabled when Web services are turned on after the Setup Assistant.
  • Corrected 2 potential string processing buffer overrun problems.

New in Rumpus 6.1.1 (Aug 31, 2009)

  • Several messages on secondary WFM pages in the "Boxes" WFM appearance are now properly localized for all languages.
  • A bug that could cause crashes in rare cases when accepting user input form data has been corrected.
  • Users that have exceeded their disk quota are now presented with the "quota exceeded" warning before uploading files via the WFM interface.
  • In Upload Center field names, spaces are no longer permitted to avoid possible javascript errors.
  • Minor documentation updates have been made.

New in Rumpus 6.0.7 (Jun 1, 2009)

  • Corrected a bug that could cause user account listings to display garbage data in the Activity Monitor or FileWatch.
  • Simplified transcript memory management.
  • Increased stack size of server worker threads to avoid low memory conditions.
  • Minor changes to drag and drop applet for Safari 4 compatibility and for optional removal of the "Logout" button on "upload complete" display.

New in Rumpus 6.0.6 (Apr 2, 2009)

  • Corrected a bug that could cause outgoing e-mails to be set with high priority on some servers.
  • Reduced Rumpus FileWatch drop ship file upload updates to improve performance of transfers.
  • When using Web user account administration, a user account e-mail address, notes, and welcome message can now be correctly deleted.
  • When Web users log in with URLs leading to specific resources, the resource URLs are now properly encoded in redirect responses and the hidden "destination URL" field of the login page.
  • Corrected a bug that could cause rare data display issues in the Activity Monitor and FileWatch.

New in Rumpus 6.0.5 (Feb 24, 2009)

  • The default Web File Manager templates have been revised to improve the accuracy of the WFM display, browser compatibility, rendering speed, and handling of special cases such as very long filenames with no spaces.
  • The WFM Can't overwrite file error message is now correctly displayed from the messages file so that it is localized and customizable.
  • Increased the SMTP username and password field lengths to a maximum of 63 characters. Corrected a bug that could cause the failed login counter to not be reset when users completed successful login.
  • The New Username field is now automatically selected when the New User sheet on the Define Users window is opened.
  • Mail sent by Rumpus with end user names specified in addresses as in an address of the form Bob Jones [email protected] are now stripped to only the recipient address for SMTP transmission.
  • The full address is included in mail message bodies for proper display in mail clients.

New in Rumpus 6.0.4 (Feb 5, 2009)

  • Mail and Web server preferences to simplify routine setup tasks.
  • New homogenous "files transferred" and "Failed Transfers" logs.
  • The ability to filter recent files lists by transfer type and user.
  • A "logout URL" allows exiting users to be redirected to a primary Web site.
  • Improved user feedback for long operations like entire folder downloads.
  • Drag & drop uploads can now be used with Upload Center forms.
  • User accounts can now be enabled or disabled for select protocols.
  • A template user account can now be chosen to set defaults for Web-created accounts.
  • The built in WFM color schemes have been revised.
  • A second Event Notice can now be triggered for file uploads.
  • The Rumpus control application has been reorganized for clarity.
  • Users can now choose the language or appearance of the Web interface, if needed.
  • An IP address "White List" is now available.
  • Help text has been improved, and is easier to access.

New in Rumpus 6.0.3 (Jan 21, 2009)

  • Corrected a rare bug that could result in a crash when serving very long directory listings with excessive amounts of extra dynamic content (Upload Center forms, headers, footers, welcome messages, etc.) via the WFM.
  • Corrected the a problem displaying the n-with-tilde character in the Spanish language interface.
  • When an alternate appearance is assigned to a specific user account, the logout page is now displayed using the default appearance to avoid consistency issues.
  • Increased buffer sizes in the Web user administration to allow for longer text messages and user account lists.
  • Altered default WFM template set for improved MSIE 6 compatibility.

New in Rumpus 6.0.2 (Dec 11, 2008)

  • Added an Italian language translation for the WFM interface.
  • The "Allowed IPs" list is now checked for changes by the Rumpus application, and if it changes (due to a remote administrator making a change, for example), it is reloaded.
  • Corrected a bug that caused Rumpus to send an extra HTTP response when terminating persistent connections, which could confuse FireFox 3.
  • To simplify local file monitoring on the server, enabling remote monitoring no longer requires that an allowed client address be supplied.
  • Rewrote software update function to correct corruption problem downloading daemon updates on some OS X 10.5 systems.
  • During a daemon update, the Rumpus application now installs the correct language WFM templates.
  • Added support for the FTP command "STOU" (STOre Unique).
  • The "NoListing" WFM page in the default WFM template now includes a "Manage Users" button for user account management by administrator accounts that don't have "View Directory" privileges.
  • The Drag & Drop Uploader now works correctly in the Boxes WFM appearance. Tightened error checking in Web Administration when defining new user accounts. Corrected a possible server crash when denying the upload of a duplicate file sent via the Drag & Drop upload applet.
  • Corrected a problem moving uploaded files into sub-folders , when accepting small files via the Drag & Drop Uploader and when an Upload Center form is used.
  • Session transcripts are now always saved to the logs folder when "Save Session Transcripts" is enabled.

New in Rumpus 6.0.1 (Dec 1, 2008)

  • This is considered an important update for all Rumpus 6 users, as the new version corrects multiple crashing bugs which could potentially be used in denial of service attacks, effecting server security.
  • The WFM file listing now displays correctly when the "Show File/Folder Icons" option is disabled, and when a secondary download link is not used.
  • Corrected a bug that could cause the server to crash on some systems during FTP login.
  • Patched a slow memory leak.
  • Fixed an error that could cause login problems for WFM users when the "Always Require Login" option was disabled.
  • Added a work-around for a bug in MSIE that caused the WFM footer to be displayed incorrectly.
  • Corrected an HTTP processing bug that could cause Rumpus servers to crash when certain malformed HTTP requests are received.
  • Corrected an FTP buffer overrun bug that will result in a server crash when an FTP user sends certain maliciously formed FTP commands.

New in Rumpus 6.0 (Nov 25, 2008)

  • Rumpus FileWatch:
  • A new application, "Rumpus FileWatch", is now included with Rumpus. FileWatch can be run from your desktop Mac, and displays current user activity and recently transferred files in real time. Files can also be downloaded from the server to your own desktop simply by dragging the file from the list, eliminating the need to search for uploaded files on a remote server volume. Files can also be drop shipped to end users, complete with an automatic e-mail notifying the user of the file posting and providing a simple method to access it.
  • Multi-Domain Support:
  • The basic multi-domain support offered by previous versions of Rumpus has been dramatically expanded. Multiple domains can now be defined in Rumpus, and each domain can be customized with it's own appearance, including colors, fonts, icons and more. Alternate appearance templates can be thoroughly customized, as always, and can be displayed based on user selection or user account setting, as well as by domain name.
  • Web File Manager Updates:
  • The WFM can now easily be customized with page header and footer text, a "welcome" message and the ability to restrict upload types. Additional customization is also easier thanks to a revised and heavily CSS-oriented interface.
  • User Account Management:
  • Rumpus 6 makes user account management easier and more flexible through the tracking of notes associated with each account, user-specific welcome messages, automatic account setup notification via e-mail, and a completely revised Web user account management interface. System administrators can now easily customize what user account settings can be managed by sub-administrators, simplifying user management and improving security.
  • Mail and Web server preferences to simplify routine setup tasks
  • New homogenous "files transferred" and "Failed Transfers" logs
  • The ability to filter recent files lists by transfer type and user
  • A "logout URL" allows exiting users to be redirected to a primary Web site
  • Improved user feedback for long operations like entire folder downloads
  • Drag & drop uploads can now be used with Upload Center forms
  • User accounts can now be enabled or disabled for select protocols
  • A template user account can now be chosen to set defaults for Web-created accounts
  • The built in WFM color schemes have been revised
  • A second Event Notice can now be triggered for file uploads
  • The Rumpus control application has been reorganized for clarity
  • Users can now choose the language or appearance of the Web interface, if needed
  • An IP address "White List" is now available
  • Help text has been improved, and is easier to access

New in Rumpus 5.3.9 (Jun 4, 2008)

  • Added Spanish language WFM interface.
  • Added support for chunked HTTP uploads, allowing OS X 10.5.3 WebDAV clients to transfer files.

New in Rumpus 5.3.8 (Apr 15, 2008)

  • Introduced a fix for a file system issue in which files may not be immediately accessible after creation on slow volumes.
  • Fixed a file path reporting problem in Event Notices when multiple files are listed that have been uploaded to different folders.
  • Corrected token insertion pop-up for shell script and AppleScript notices.
  • Added javascript test to alert users if no file is selected when trying to upload.

New in Rumpus 5.3.7 (Mar 4, 2008)

  • A new token, "homefoldername" has been added to Event Notice processing, allowing the user's Home Folder folder name to be included in notices. FTP �site� commands can now be disabled, if required, by adding the directive "DisableFTPSiteCommands YES� to the Rumpus configuration file.
  • Folders created when Drag & Drop upload is used to send entire folders now have ownership and permissions set correctly.
  • Corrected potential crash bug in cases where very high peak loads are reached.
  • The "" Event Notice token now works when the referenced file is accessed through an alias.
  • Added the "" token to the Event Notice "Insert A Token" pop-up list. In Event Notice shell scripts, ampersand characters ("&") in filenames are now escaped so that scripts can process those files correctly.

New in Rumpus 5.3.3 (Nov 3, 2007)

  • Installation and management of software components (the server daemon, SSL tunnel, and remote control daemon) has been revised for improved reliability under OS X 10.5 (Leopard). A bug in sending event notices which use the file name and path tokens in the message subject for multi-file uploads has been corrected. Made minor changes to WebDAV directory listing XML for improved Finder compatibility.

New in Rumpus 5.3.1 (Oct 18, 2007)

  • The WebDAV server has been updated to support Windows clients and improve security. The WFM "Create Folder" dialog now automatically selects the folder name field. A bug that caused a conflict between new security restrictions and the "Allow User To Move Out Of Home Folder" option has been fixed. The WFM interface can now be installed in Danish. User Home Folders with paths that include extended characters can now be accessed via WebDAV.