My company Foundeo Inc. released version 2.3 of FuseGuard our Web Application Firewall for ColdFusion (and Railo too) servers.

This is a free upgrade for all customers already running version 2.0-2.2, here's a list of what's new in this release:

• Updates to FuseGuard Manager (our web admin) include an updated responsive layout powered by Bootstrap, pagination on log tables, and other minor viewing tweaks.
• Built-in support for X-Forwarded-For headers that are often used with Load Balancers and proxy servers. Must be turned on with firewall.setUseXForwardedFor(true) in configurator
• Additional configuration settings for the IDValidationFilter and ScopeInjectionFilter
• Implemented Content-Security-Policy headers and X-Frame-Options headers for FuseGuard Manager
• Improved Railo Compatibility
• CrossSiteScriptingFilter now more strict in non-form scopes
• Added UTF7 bom detection in query string
• Added the FuseGuardApplication component to simplify deployment in Application.cfc

I hope you will spend a few minutes to download a trial and see how easy it is to add an additional layer of security to your ColdFusion applications with FuseGuard.

If you want to see how it works you can also watch this 10 minute video on YouTube.