The best and recommended way to connect to copyparty (either from windows, linux, or macos) is with WebDAV – this will give you much higher performance. WebDAV is also a MUCH safer choice when connecting over the internet, since it is just https after all. Meanwhile, exposing SMB to the internet is generally a recipe for, well… nasty surprises :-)

There are also very copyparty-specific reasons to not use the SMB-server, and these are explained in the readme. That’s also why the SMB-server is not possible to enable in any of the official copyparty distributions without manually obtaining the necessary dependencies for that (impacket).

There were comments about security risks though, based on being a small project with a LOT of integrations.

time will show, but the only thing i actively regret adding was the support for discord embeds (the “og” option); opengraph is an awfully designed concept and, unrelatedly, it has been a source of a handful of bugs in how it was implemented in copyparty (that one’s on me). Keeping that disabled avoids a lot of edgecases, most of which are decreed by the opengraph spec.

That said, there’s no features keeping me up at night; i think for the most part things are fine – just don’t enable the smb server 😁

hfs v2 (the old banger of an exe) is no longer being maintained and has some known unfixed vulnerabilities, however there is now a rewrite (hfs v3) which is shaping up really nicely.

should also mention that copyparty is also available as a windows exe which will run without python or any other dependencies

Yep! Depending on what your home connection looks like, you have a few options:

if you are lucky enough to have your own private IP-address and are able to open ports, then you’re almost done already – you can put copyparty on some port (or keep the default 3923), and then anyone could connect to it by going to https://your.ip.address:3923/

(with this approach, you will want to create your own HTTPS certificate so the traffic is properly encrypted – the best option here is to get a domain and get a certificate for the domain)

however, if you are behind CGNAT, meaning your internet provider has given you a shared IP-address, then people cannot connect directly to your home-PC. One way around that issue is by setting up a machine somewhere on the internet which bridges the gap back home to your PC. Cloudflare offers this as service, and this is explained in the copyparty readme – see the “at home” section for one way to do that.

if you are against using Cloudflare for idealistic reasons (they are becoming quite powerful since they run a whole lot of the internet), then you can set up a cheap VPS which serves the same purpose. That’s my setup, and how you are accessing the copyparty demo server right now – I have the cheapest VPS you can get from Hetzner. The VPS is running nginx, and it forwards the traffic to my homeserver through an SSH tunnel. I haven’t documented this approach in the copyparty readme, but I have a feeling a lot of other people have :>

it’s such an impressive project! Amazing what they’ve accomplished in so little time, and so important too – we need as many options as we can get.