SLightSFTP Server

100% FREE

Lightweight, Secure, and Easy-to-Use SFTP & FTP Server

A modern file transfer server with powerful GUI management, real-time monitoring, and enterprise-grade security features. Completely free and open source software.

Download Latest Version View Documentation

More Pages & Deep Dives

Explore standalone pages with extra diagrams, primers, and walkthroughs to improve content richness and user trust.

Architecture Guide

Stack overview, data flow diagrams, deployment topologies, and database model notes.

Open architecture page →

Benchmarks

Throughput samples, methodology, hardware specs, and tuning checklist.

Open benchmarks page →

Protocols 101

SFTP vs FTP vs FTPS positioning, firewall planning, and public key authentication guide.

Open protocols page →

User Manual

Step-by-step screenshots placeholders for dashboard, listeners, users, and exports.

Open manual page →

Security & Hardening

Public key how-to, hardening checklist, audit ideas, and incident response playbook.

Open security page →

FAQ

Common questions on ports, passive mode, keys, antivirus, and upgrades.

Open FAQ page →

Build & Deploy (Win/Linux/macOS)

How to build, package, and run SLightSFTP across platforms using Node.js/TypeScript.

Open build & deploy page →

Roadmap & Missing Features

What is planned next and what is intentionally out-of-scope today.

Planned

🔜 TLS termination helper for Web GUI behind reverse proxies
🔜 Configurable passive FTP port ranges via UI
🔜 Per-listener bandwidth caps and throttling
🔜 Scheduled maintenance mode with custom banner
🔜 Email/Discord webhook alerts on failures

Known Gaps

❗ No built-in FTPS (explicit TLS) yet—use SFTP for encryption
❗ No clustering/HA; single-node focus
❗ No quota enforcement per user (use filesystem quotas)
❗ Passive port range must be set in config files for now
❗ No macOS/Linux installer; Windows-first

Use Case Ideas

Partner file drops with key-only SFTP on a DMZ port
Internal automation over FTP for legacy tools
Lab environments with throwaway users and virtual paths
Secure log collection using append-only paths
Hybrid: Desktop GUI for ops + Web GUI for support teams

Key Features

🔐

Dual Protocol Support

Support for both SFTP (SSH File Transfer Protocol) and FTP protocols with independent listener configuration.

🖥️

Modern GUI Management

Choose between Desktop (Electron) or Web-based interface with real-time monitoring, activity charts, and easy configuration. Desktop GUI can control the web server.

🌐

Web-Based GUI

Access the management interface from any browser. Perfect for headless servers and remote administration. Can be started/stopped from Desktop GUI.

📊

Real-Time Activity Monitoring

Live activity charts updating every second, showing successful operations and errors with detailed logs.

👥

Multi-User Management

Create unlimited users with individual permissions, virtual paths, and listener access control.

🔑

Flexible Authentication

Support for password and SSH public key authentication with per-user configuration.

📁

Virtual Path Mapping

Map virtual paths to real directories, isolating users to specific folders with granular permissions.

⚡

High Performance

Lightweight and fast, built on Node.js with TypeScript for reliability and performance.

🔍

Comprehensive Logging

Detailed activity logs with authentication method, remote IP, and operation tracking. Export to CSV or copy to clipboard.

🛡️

Granular Permissions

Control read, write, delete, rename, create, and list permissions per user per listener.

🌐

Multi-Listener Support

Run multiple SFTP and FTP listeners on different ports with independent configurations.

📈

Session Management

View active connections, automatic idle timeouts (5 min), and terminate sessions with real-time statistics.

🎯

System Tray Integration

Minimize to system tray, keep servers running in the background, and quick access from tray icon.

⏱️

Automatic Idle Timeout

Automatic disconnection of idle connections after 5 minutes to prevent resource leaks and ensure optimal performance.

✅

Comprehensive Testing

35+ integration tests with real SFTP/FTP connections ensure reliability and protocol compliance.

Download SLightSFTP

Latest Version: v1.1.0

Released: December 25, 2025

What's New:

Real-time activity monitoring with 1-second updates
Login authentication logging with method and remote IP
Activity log export (Copy/Save to CSV)
Dashboard auto-refresh every 5 seconds
Enhanced error handling for file operations
System tray integration (Desktop mode)
Web-based GUI interface (Browser mode)
Integrated web server controls in Desktop GUI
Multi-user management with GUI
Virtual path mapping
Session management with idle timeout (5 minutes)
Automatic disconnect handling for idle connections
Windows MSI installer for easy deployment
Comprehensive test suite with 35+ integration tests
Enhanced security with robust disconnect handling
Dual deployment modes: Desktop (Electron) or Web Server

💾 Download for Windows (x64) ~100 MB

MSI Installer - Requires Windows 10 or later

Enjoying SLightSFTP? Support the development!

☕ Buy Me a Coffee

Architecture & Deployment

Understand how SLightSFTP pieces fit together for Desktop and Web deployments.

Desktop (Electron) Stack

Electron shell hosting the management UI
Embedded Node.js server hosting SFTP/FTP listeners
SQLite database for users, listeners, and activity
System tray controller for background runtime

Web Server Stack

Node.js + TypeScript back end
REST + WebSocket API for live stats and control
Headless friendly: run as Windows service or scheduled task
Same database schema shared across modes

Security Layers

Authentication: password and SSH public key
Authorization: per-listener permissions and virtual paths
Isolation: sandboxed virtual paths to local folders
Observability: audit-grade activity logging with IP + auth method

Desktop Mode
+-------------------+     +------------------+     +--------------------+
| Electron GUI      | --> | Node Controller  | --> | SFTP/FTP Listeners |
| (React/HTML)      |     | (IPC + WebSocket)|     | (Ports 22/21/Custom)|
+-------------------+     +------------------+     +--------------------+
         |                       |                          |
         v                       v                          v
    Activity Log           SQLite Database            Virtual Paths

Web Mode
Client Browser --> Web GUI --> REST/WebSocket API --> Core Server --> Listeners --> Storage

Data Model Highlights

Users: credentials, SSH keys, listener bindings, permissions
Listeners: protocol, port, bind IP, status, statistics
Virtual Paths: virtual to local mapping with scoped permissions
Activity: timestamp, username, path, verb, success/error, remote IP

Deployment Recipes

Desktop only: Install MSI ➜ Start app ➜ Keep tray running
Desktop + Web: Start Web Server from GUI ➜ expose port 3000 via firewall rule
Headless: npm run start:web ➜ configure service ➜ manage via browser

Network Placement

DMZ listener for external partners, internal listener for LAN users
Different keys/passwords per listener
Optional reverse proxy for TLS termination of Web GUI
Restrict ports with Windows Firewall scopes

Benchmark & Performance Notes

Indicative numbers on common hardware. Your mileage varies based on disk, network, and antivirus hooks.

Test Rig

CPU: i5-12600K, 32 GB RAM
Disk: NVMe SSD (PCIe 4.0)
Network: 1 Gbps LAN
OS: Windows 11 Pro 23H2
Build: SLightSFTP v1.1.0 (Desktop mode)

Results (samples)

Scenario	Throughput	Notes
Single SFTP upload (1 GB)	410 Mbps	CPU ~18%, disk-bound
4 parallel SFTP uploads (1 GB each)	720 Mbps agg.	CPU ~42%, stable RAM
FTP download burst (1000 x 1 MB)	560 Mbps	Control channel steady, no drops
Authentication throughput	800 logins/min	With logging enabled

Methodology

Clients: WinSCP 6.3.3 and FileZilla 3.66
Default idle timeout (5 min) kept enabled
No compression; AES-256 for SFTP
Windows Defender active (no exclusions)
Logs retained; CSV export post-test

Tip: exclude the data directory from real-time AV scanning for higher throughput.

SFTP vs FTP: Quick Primer

Choose the right protocol for your users and compliance posture.

SFTP (SSH File Transfer)

Encrypted by default over SSH (port 22)
Single channel for control and data
Supports password and SSH public keys
Best for Internet-facing and regulated workloads

FTP (File Transfer Protocol)

Classic protocol; simple client compatibility
Separate control and data channels (port 21 + passive ports)
Use behind VPNs or trusted LANs
Configure firewall for passive port ranges if exposed

When to pick which?

Security first: pick SFTP
Legacy tooling: keep FTP for known clients
Mixed estate: run both listeners on different ports
Automation: both support scripts via curl/psftp

Public Key Authentication (SSH)

Generate a key pair on the client (ssh-keygen -t ed25519 -C "user@host")
Copy the public key contents (e.g., id_ed25519.pub)
In SLightSFTP Users panel, enable "Public Key" and paste the key
Keep "Password" enabled for fallback or disable for key-only
Distribute the private key securely; set file permissions on the client
Connect with a client that supports keys (WinSCP, FileZilla, OpenSSH)

Keys remain on the server database; they are never exposed to clients. Revoking access is instant—remove the key and save.

Firewall & Port Planning

SFTP: allow chosen port (default 22); prefer static IP allowlist
FTP: allow control port 21 plus passive range (configurable); use narrow ranges
Web GUI: default 3000; proxy behind IIS/NGINX for TLS
Audit: activity log captures remote IP and auth method for every attempt

User Guide

📦 Installation

Download the installer from the download section above
Run the SLightSFTP-1.1.0-setup.msi installer
Follow the installation wizard:
- Choose installation directory (default: C:\Program Files\SLightSFTP)
- Select Desktop shortcut option
- Installer creates all required directories automatically
Launch SLightSFTP from the Start Menu or Desktop shortcut
First launch automatically creates database and default admin user

Note: Administrator privileges are required for installation and first launch.

🚀 Getting Started

Deployment Modes

SLightSFTP supports two deployment modes:

Desktop Mode (Default): Full Electron GUI application with system tray support
Web Server Mode: Browser-based interface accessible from any device (perfect for headless servers)

Key Feature: The Desktop GUI includes built-in controls to start/stop the Web Server, allowing you to run both interfaces simultaneously!

Starting Web Server from Desktop GUI

Launch the Desktop application (SLightSFTP)
Navigate to the Settings or Web Server section
Click Start Web Server
The web GUI will be accessible at http://localhost:3000 (default port)
You can now manage the server from both the Desktop GUI and browser simultaneously
Click Stop Web Server when you want to disable browser access

Note: All web server activity is logged in the activity log.

To run in standalone Web Server mode: Use command npm run start:web or node dist/web-only.js

Default Web GUI URL: http://localhost:3000

First Login

Default Username: admin
Default Password: admin123
⚠️ Important: Change the default password immediately after first login!

Starting Servers

Go to the Listeners panel
Default listeners are pre-configured:
- SFTP on port 22
- FTP on port 21
Click Start on any listener to begin accepting connections

Accessing Web GUI (Web Server Mode)

Start the server with npm run start:web
Open your browser and navigate to http://localhost:3000
Log in with your credentials (default: admin/admin123)
Access the full management interface from any device on your network
The Web GUI port can be configured via WEB_PORT environment variable

👥 User Management

Creating a New User

Navigate to the Users panel
Click Add User
Enter username and configure authentication:
- Password: Enable and set a secure password
- Public Key: Optional SSH key authentication
Assign the user to one or more listeners
Configure virtual paths (directories accessible to the user)
Set permissions per listener
Click Create

User Permissions

Read: Download files and view directory contents
Write: Upload and modify files
Delete: Remove files and directories
Rename: Rename files and directories
Create: Create new files and directories
List: View directory listings

🔧 Listener Configuration

Creating a New Listener

Go to Listeners panel
Click Add Listener
Configure:
- Name: Friendly name for the listener
- Type: SFTP or FTP
- Port: Port number (default: 22 for SFTP, 21 for FTP)
- Binding IP: IP address to bind (0.0.0.0 for all interfaces)
Click Save
Click Start to activate the listener

📁 Virtual Paths

Virtual paths map a virtual directory (seen by clients) to a real directory on your server:

Virtual Path: /public
Local Path: C:\sftp\public
Clients will see /public but access files in C:\sftp\public

Note: Virtual paths provide isolation and security by preventing direct access to server filesystem.

📊 Activity Monitoring

Dashboard

Real-time activity chart showing operations per second
Green area: Successful operations
Red area: Errors and failed operations
Recent activity (last 1 hour)
Active listeners and sessions count
Auto-refreshes every 5 seconds

Activity Log

Detailed logs of all operations
Shows: timestamp, listener, username, action, path, authentication method, and remote IP:port
Copy: Copy all logs to clipboard
Save: Export logs to CSV file
Filter and clear logs by date range

🔐 Security Best Practices

✅ Change default admin password immediately
✅ Use strong, unique passwords for all users
✅ Enable SSH public key authentication when possible
✅ Grant minimum necessary permissions to users
✅ Use virtual paths to isolate user access
✅ Regularly review activity logs for suspicious activity
✅ Keep the software updated
✅ Use firewall rules to restrict access by IP if needed
✅ Automatic idle timeout (5 min) prevents hung connections
✅ All connection attempts are logged with IP and authentication method

🔧 Connecting to the Server

SFTP Connection (Port 22)

Using FileZilla or WinSCP:

Protocol: SFTP
Host: Your server IP or hostname
Port: 22 (or your configured port)
Username: Your configured username
Password: Your password (or use SSH key)

FTP Connection (Port 21)

Using any FTP client:

Protocol: FTP
Host: Your server IP or hostname
Port: 21 (or your configured port)
Username: Your configured username
Password: Your password

❓ Troubleshooting

Listener Won't Start

Check if another application is using the port
Verify you have administrator privileges
Check firewall settings

Cannot Connect

Verify listener is running (green status)
Check firewall allows connections on the port
Verify username and password are correct
Check user is authorized for the listener

Permission Denied Errors

Verify user has the necessary permissions for the operation
Check virtual path permissions in the user configuration
Ensure the user is assigned to the correct listener
Verify local directory exists and is accessible

Connection Hangs on Exit (Windows SFTP CLI)

This is a known issue with the built-in Windows SFTP CLI client
The server automatically disconnects idle connections after 5 minutes
Solution: Use alternative SFTP clients like FileZilla, WinSCP, or PuTTY's PSFTP
All resources are properly cleaned up on timeout

Idle Connection Timeout

Connections idle for 5 minutes are automatically disconnected
This is normal behavior to prevent resource leaks
Perform any operation to reset the idle timer
Simply reconnect if your connection was terminated

User Manual & Visual Walkthrough

Step-by-step guidance with annotated screenshot placeholders. Swap placeholders with your real captures to boost trust and ad quality.

Dashboard Overview

Shows live activity, listener health, and recent errors. Use it to confirm connections, throughput, and failures in real time.

Dashboard screenshot (insert image)

Open the app; dashboard loads by default
Verify listeners are green; start if stopped
Watch activity chart for spikes; click errors to drill into logs

User & Key Management

Create accounts, attach SSH keys, and map virtual paths.

Users page screenshot (insert image)

Add user ➜ set password ➜ paste public key (optional)
Assign listeners (SFTP/FTP) and permissions (read, write, delete, rename, create, list)
Attach virtual paths to isolate storage per user

Listener Controls

Start, stop, and edit listener settings from GUI or Web.

Listeners screenshot (insert image)

Open Listeners panel ➜ click Add
Select protocol, port, bind IP; save
Use Start/Stop; watch status badges and port validation

Activity & Audit Exports

Audit-ready logs with CSV export and copy-to-clipboard.

Activity log screenshot (insert image)

Open Activity tab to filter by time and listener
Click Copy to move logs to clipboard or Save to CSV
Archive exports for compliance evidence

Screenshot Tips

Capture at 1440p with neutral theme for clarity
Blur sensitive hostnames or IPs
Highlight buttons and toggles with callouts before export
Keep file names descriptive (e.g., dashboard-live.png)

Previous Versions

Download older versions of SLightSFTP for compatibility or rollback purposes.

v1.1.0

Current December 25, 2025

Added web server port editing with modal dialog and improved UI

Download

v1.0.0

December 23, 2025

Initial release with all core features including comprehensive testing

Download

🔄 Previous versions will appear here as new releases are published.

Changelog

Version 1.1.0 - December 25, 2025

UI Improvements & Bug Fixes

🔧 Added web server port editing functionality with modal dialog
🔧 Fixed port input field to allow manual text entry (changed from number to text input)
🔧 Web server port display now updates correctly after changing port
🔧 Improved input field focus and selection behavior
🔧 Added support for multiple port edits without requiring restart
🔧 Enhanced modal with auto-focus and text selection

Version 1.0.0 - December 23, 2025

Initial Release

✨ SFTP and FTP server support
✨ Modern GUI with Electron (Desktop mode)
✨ Web-based GUI interface (Browser mode)
✨ Dual deployment modes: Desktop or Web Server
✨ Integrated web server controls in Desktop GUI
✨ Start/Stop web server from Desktop interface
✨ Real-time activity monitoring with charts
✨ Multi-user management
✨ Virtual path mapping
✨ Granular permissions system
✨ Automatic idle timeout (5 minutes)
✨ Disconnect handling for idle connections
✨ Windows MSI installer
✨ Comprehensive test suite (35+ integration tests)
✨ Real connection testing with SFTP/FTP protocols
✨ Activity log export (CSV/Clipboard)
✨ System tray integration (Desktop mode)
✨ Session management with real-time stats
✨ Authentication logging with IP tracking
✨ Browser-based remote administration
✨ WebSocket real-time updates in Web mode

✨ Password and SSH key authentication

✨ Session management

✨ Activity log with export functionality

✨ System tray integration

✨ Dashboard with auto-refresh

✨ Detailed login logging with IP and method

✨ Configurable activity retention

Contact & Support

🌟 Open Source Project

SLightSFTP is a free and open source software project hosted on GitHub. We welcome contributions from the community!

📦 View Source Code 🐛 Report Issues

All issues should be logged on GitHub. The developer is working to fix them as soon as possible. Anyone can contribute to the project!

📧

Email Support

Have questions, feedback, or need assistance?

slightsftp@gmail.com

We typically respond within 24-48 hours

🐛

Report Issues

Found a bug or have a feature request?

Report on GitHub

Please include version number and steps to reproduce

💡

Contribute

Want to contribute to SLightSFTP?

View Repository

We value your contributions and pull requests

Getting Help

📖 Documentation

Check the User Guide for detailed instructions

❓ Troubleshooting

Review common issues and solutions in our guide

🔄 Updates

Check the versions section for the latest release