🚀 New features:
- Copy files from the server to clients with full control over the writable folders on the client. Read more
- Scheduling of scripts with a central server-side scheduler for individual clients and groups. Read more
- Client-side tunnel allow-deny rules. On the client configuration, you can define exactly where a tunnel is allowed to connect. See new options.
- Tunnels can now be accessed on a different hostname than the API or UI achieving more flexibility when running behind a reverse proxy or Cloudflare. See new options.
- Purging disconnected clients can be turned off now. You can keep them in your inventory forever. See new options.
- You can specify which interface to use for tunnel connections on the RPort client. Useful if the remote machine has multiple network cards. See new options.
- API listener accepts now TLS 1.3 only. The support for weak encryption has been discontinued.
- Proper 404 handling on the static web server, no more HTTP status code 200 on “file not found”.
- The Systemd service always injects ambient capabilities to bind privileged ports.
- Emails and push messages with the two-factor token now include the user-agent and the remote IP address of the requester to better identify login attempts.
- Migrated to a more secure JWT implementation. Read more
- SQLite Write-Ahead Logging (WAL) is enabled by default for all databases to improve concurrent operations.