FuseGuard 2.3 Released
This is a free upgrade for all customers already running version 2.0-2.2, here's a list of what's new in this release:
- Updates to FuseGuard Manager (our web admin) include an updated responsive layout powered by Bootstrap, pagination on log tables, and other minor viewing tweaks.
- Built-in support for X-Forwarded-For headers that are often used with Load Balancers and proxy servers. Must be turned on with firewall.setUseXForwardedFor(true) in configurator
- Additional configuration settings for the IDValidationFilter and ScopeInjectionFilter
- Implemented Content-Security-Policy headers and X-Frame-Options headers for FuseGuard Manager
- Improved Railo Compatibility
- CrossSiteScriptingFilter now more strict in non-form scopes
- Added UTF7 bom detection in query string
- Added the FuseGuardApplication component to simplify deployment in Application.cfc
I hope you will spend a few minutes to download a trial and see how easy it is to add an additional layer of security to your ColdFusion applications with FuseGuard.
If you want to see how it works you can also watch this 10 minute video on YouTube.
- Writing Secure CFML cfObjective 2013 Slides
- Upgrading to Java 7 on Linux
- J2EE Sessions in CF10 Uses Secure Cookies
- Learn about ColdFusion Security at cfObjective 2013
- Session Loss and Session Fixation in ColdFusion
- CKEditor Spell Checker Plugin
- Adobe Says Go Ahead and Upgrade your ColdFusion JVM