FuseGuard 2.3 Released
This is a free upgrade for all customers already running version 2.0-2.2, here's a list of what's new in this release:
- Updates to FuseGuard Manager (our web admin) include an updated responsive layout powered by Bootstrap, pagination on log tables, and other minor viewing tweaks.
- Built-in support for X-Forwarded-For headers that are often used with Load Balancers and proxy servers. Must be turned on with firewall.setUseXForwardedFor(true) in configurator
- Additional configuration settings for the IDValidationFilter and ScopeInjectionFilter
- Implemented Content-Security-Policy headers and X-Frame-Options headers for FuseGuard Manager
- Improved Railo Compatibility
- CrossSiteScriptingFilter now more strict in non-form scopes
- Added UTF7 bom detection in query string
- Added the FuseGuardApplication component to simplify deployment in Application.cfc
I hope you will spend a few minutes to download a trial and see how easy it is to add an additional layer of security to your ColdFusion applications with FuseGuard.
If you want to see how it works you can also watch this 10 minute video on YouTube.
- Minor JavaDocs.org Update
- nginx Directive rewrite is not terminated
- Using Mozilla's Certificate Authority List for Java SSL
- SessionRotate solution for JEE Sessions
- False TemplateNotFoundException ColdFusion 9
- ColdFusion defaults avoid flawed Random Number Generator
- Apache Security Patches on CentOS / RHEL
- FuseGuard 2.4 Released