Locking Down ColdFusion Presentation Slides

coldfusion The slides for my 2010 CFUnited presentation Locking Down ColdFusion are now available. The presentation is based on the ColDFusion 9 Lockdown Guide whitepaper that I wrote for Adobe. It covers various techniques to make your ColdFusion installation more secure.

This entry was:

Is your ColdFusion Administrator Actually Public?

coldfusion Every so often I get an email back from someone who ran HackMyCF.com saying something like this:

Your scanner says our ColdFusion Administrator is publicly accessible, but I don't think that's true.

This entry was:

Howto Require SSL for ColdFusion Administrator

coldfusion A good security practice is to require SSL for ColdFusion administrator access (an even better practice is to limit access to localhost). This should only take less than five minutes on either Apache or IIS.

This entry was:


did you hack my cf?