I am glad to announce the release of FileAgo v1.1.0. 😊
Support for AES256 encryption
File encryption at rest was one of the features that I received from users over the past month. Starting with the latest version, FileAgo automatically encrypts files using the military grade
AES-256-GCM encryption and stores the encrypted version of the file to disk. A unique
encryption key is used to encrypt each file, and the combination of encryption key and IV (initialization vector) is only used once.
For Office documents, FileAgo creates a .pdf version of it to display on the browser. This .pdf version is also encrypted and stored in the filesystem. When the file is fetched by the user, it is decrypted on the fly by FileAgo server before being sent to the user via HTTPS.
The encryption key is encrypted once again using a random key before it is saved in the database. This means that even if someone has access to the filesystem, he will only see encrypted files, and not the original version of it. Cool, eh? 😎
It is also possible to turn on/off encryption from the
Admin Panel. Files will only be encryted when the
Encrypt files (AES-256) is enabled. You can find this option under the
However, I highly recommended you to keep this option enabled at all times.
When a new file is uploaded, it is encrypted automatically. This event is also registered in the event logs.
Several bugs has also been fixed in this release.
What other features would you like to see in FileAgo? Do let me know in the comments.