FuseGuard 2.3 Released
This is a free upgrade for all customers already running version 2.0-2.2, here's a list of what's new in this release:
- Updates to FuseGuard Manager (our web admin) include an updated responsive layout powered by Bootstrap, pagination on log tables, and other minor viewing tweaks.
- Built-in support for X-Forwarded-For headers that are often used with Load Balancers and proxy servers. Must be turned on with firewall.setUseXForwardedFor(true) in configurator
- Additional configuration settings for the IDValidationFilter and ScopeInjectionFilter
- Implemented Content-Security-Policy headers and X-Frame-Options headers for FuseGuard Manager
- Improved Railo Compatibility
- CrossSiteScriptingFilter now more strict in non-form scopes
- Added UTF7 bom detection in query string
- Added the FuseGuardApplication component to simplify deployment in Application.cfc
I hope you will spend a few minutes to download a trial and see how easy it is to add an additional layer of security to your ColdFusion applications with FuseGuard.
If you want to see how it works you can also watch this 10 minute video on YouTube.
- CFSummit 2016 Slides
- Securing Legacy CFML - dev.Objective() 2016 Slides
- My CFSummit 2015 Slide Decks
- Adding Chrome Custom Search for CFDocs
- Disable Flash Remoting on ColdFusion Servers
- HackMyCF Adds SSL/TLS Scanner
- IncompatibleClassChangeError after ColdFusion 11 Update 5
- Scope Injection in CFML