ColdFusion Lockdown Series - Multiple Partitions

Tags: coldfusion

One of the most frequent questions I get about the Adobe ColdFusion 9 Lockdown Whitepaper is:

Why do you suggest using 3 partitions when installing ColdFusion?

Request Filtering in IIS 7 Howto

Tags: web

I've been doing some security work in Windows 2008 recently for a client; one feature I've really come to like in IIS 7 is Request Filtering.

You can configure Request Filtering at the server wide level, and then override or enhance the filtering at a site / application level.

IIS: Disabling Weak SSL Protocols and Ciphers

Tags: web

It's no secret by now that if your web site sees credit card numbers (even if they are passed to a third party gateway) you need to comply with the PCI DSS standards.

Requirement 4.

Remove X-Powered-By: ASP.NET Header

Tags: web

Have you ever noticed that IIS tends to brand every HTTP response with the header X-Powered-By: ASP.NET - it will do this even if your site is not powered by ASP.

Howto Disable the Server Header in IIS

Tags: web

Steven Erat just pointed me to a technote from Macromedia Adobe called: Configuring ColdFusion MX 7 Server Security in the comments of my securing apache config article.

Top 20 Internet Security Vulnerabilities of 2005

Tags: apple, databases, linux, misc, web

SANS has published a list of the top 20 internet security vulnerabilities of 2005. The list is not, however, cumulative; it features security vulnerabilities that have been the most prevalent within the past year and a half.

Cheat Sheet Roundup - Over 30 Cheatsheets for developers

Tags: apple, coldfusion, databases, java, linux, web

Let's face it, unless you have a photographic memory, no developer can remember all the different functions, options, tags, etc. that exist. Documentation can be cumbersome at times; that's why I like cheat sheets.

Apache mod_rewrite for IIS

Tags: web

mod_rewrite is easily my favorite module for Apache. You can use it to create very clean URLs, and you can even use it for security validation.

Virtual Desktop Manager for Windows XP

Tags: misc

The other day I blogged about a virtual desktop manager for Mac OS X - if you're interested in getting one for Windows XP, you can get one from Microsoft's PowerToys download page. To enable it, right click on your taskbar, go to the Toolbars menu, and select Desktop Manager.

SSH for Windows

Tags: misc

I was recently pointed to an OpenSSH installer for Windows. This includes both the clients (ssh, scp) and a server (ssh shell server, and scp/sftp server). It also adds the clients to your path for you so you can use them from the command line.

Unix Utils for Windows

Tags: misc

I work with unix operating systems quite a bit. So when I'm using Windows I'm often missing some of the handy little command line unix tools that are ubiquitous to unix but nowhere to be found on Windows.

Just today I was wanting to use the GNU find utility.

Right Click to Open Command Prompt in Directory

Tags: misc

Here's a handy tip that I got from a co-worker, who found it in the book Microsoft Visual C# .NET Step by Step. It creates a shortcut in the right click context menu of Windows Explorer to open a command prompt in the current directory.

Expose for Windows

Tags: misc

Exposé is definitely my favorite feature in OSX, and just the other day, I found a Windows version of Exposé called iEx.

iEx does the job, but it can be a bit flaky.

xcopy - Handy tool on windows

Tags: misc

xcopy is a useful program that is included with Windows.

Right Click - Edit with Notepad

Tags: misc

Developers and system administrators often need to open files of types that aren't mapped to a particular program. This of course requires that slow "Open With" window to pop up. A trick I recently found is to add a shortcut to the right click menu, to open files with Notepad.

FTP Scripts on windows

Tags: misc

I found this Microsoft KB article today, 96269, which shows you how to use the ftp program that comes with all versions of Windows and automate a file transfer.

ftp -s:script.txt

The contents of script.

Tab completion in Windows 2000

Tags: misc

One of my favorite features of unix is tab completion. You can type the first letter of a directory, and then hit tab and it will complete the rest for you. This is enabled by default on Windows XP, but on Windows 2000 it isn't. Here's how you enable it. Run regedit.

Uptime for Windows 2000, 2003, XP and NT

Tags: misc

Almost every unix operating system comes with a utility called uptime that tells you how long your server has been running.

Unfortunately no such tool comes with Windows, but there is a pretty foolproof way to determine the date your computer was last started.

Batch Files to Restart Services on Windows

Tags: coldfusion

I wrote some batch files today for restarting services on Windows. The bat files can be used to restart ColdFusion MX or IIS services on Windows NT/2000/XP.

Batch File to restart ColdFusion MX

@echo off

REM - File: cfmxrestart.
