Pete Freitag's Homepage

Recent Blog Entries...

Upload Files Directly to Amazon S3 using ColdFusion

Here's a quick example showing how to upload a file directly to Amazon S3 (bypassing your server). The tricky part in getting this to work is that you don't want to allow anyone to upload a file anywhere on your S3....

Minor JavaDocs.org Update

As you may know I run a few doc shortcut sites, cfdocs.org for CFML has been going quite well since publishing the source on github with a bunch of community contributions.

The other site I use alot is JavaDocs....

nginx Directive rewrite is not terminated

I have been setting up some sites on nginx today (moving from an apache server) and have been pretty happy with how an Apache rewrite rule like:

RewriteRule /foo/([0-9]+)/ /foo....

Using Mozilla's Certificate Authority List for Java SSL

Every so often you run into an issue where you need to import a certificate signing authority's certificate into Java's cacerts certificate authority file....

SessionRotate solution for JEE Sessions

As you may know the new ColdFusion 10 function SessionRotate works great if you are using ColdFusion sessions (CFID, CFTOKEN), but it doesn't actually rotate the session id or invalidate the underlying J2EE session if you are using JEE sessions....

False TemplateNotFoundException ColdFusion 9

I was working on a server (CF9.0.2 Win2008 IIS7.5) installation today and ran into what I thought at first was an IIS connector issue....

ColdFusion defaults avoid flawed Random Number Generator

I've been researching a very interesting security topic for the past few weeks related to the Snowden NSA leaks and even related to ColdFusion. Thankfully Adobe's default settings avoid the weakness....

Apache Security Patches on CentOS / RHEL

Those familiar with RedHat Enterprise Linux (RHEL) or CentOS servers may notice that when you update a Apache (or most any other package) on a RedHat / CentOS based server it still reports the same version number....

FuseGuard 2.4 Released

I'm pleased to announce the availability of FuseGuard (Web App Firewall For CFML) version 2.4 today! In addition Ortus Solutions (Luis Majano and the folks behind ColdBox) have also announced Ortus FuseGuard Module - a ColdBox module for FuseGuard....

New HackMyCF Features

HackMyCF, my company's ColdFusion (and Railo too) server security scanner was recently updated with some cool new features for our paid subscribers....

Blocking .svn and .git Directories on Apache or IIS

One of the issues that our HackMyCF ColdFusion Server Scanner checks for is the existence of public .git/ or .svn/ directories. Exposing these directories to the public could lead to information disclosure, such as your server side source code....

CFDocs site now Open Source

You may be aware that I've run a site for quick access to the CFML documentation since 2004 called cfdocs.org. My goal for this site has always been to get to the documentation you need as fast as possible....
More Entries »
Search
Subscribe to my RSS Feed:
solosub
Use SoloSub to subscribe to my RSS feed using Bloglines, MyYahoo, NewsGator, and more.
there is more to this site: sitemap