December 7, 2018
One nice feature of AWS API Gateway is that you can configure or Throttle the Burst (requests) and Rate (requests per second). The first time I looked at that it was not really clear to me how the Burst (requests) throttling works....
November 21, 2018
TLDR: Most java HTTPS connection problems can be fixed by updating the JVM. Don't import into cacerts unless you really need to (eg you have an internal CA within your organization). Test other http clients to make sure it is really a java problem....
September 13, 2018
I ran into some issues getting the Lucee Tomcat 8.5 service to start on with Java 10.0.2 on a Windows 2016 Server....
May 14, 2018
SameSite cookies are a great technique for mitigating Cross Site Request Forgery attacks. The only downside is that not all browsers support them yet (ahem... looking at you IE)....
April 5, 2018
Looking at the Facebook Developer API documentation yesterday, I noticed a subtle change in the permissions that they give to developers without review on the graph API....
January 18, 2018
When attempting to fire up a bunch of docker containers using docker-compose on a Mac, one of the containers was randomly exiting with the exit code 137....
January 10, 2018
Over the years when setting up servers I have run into the various ways that your cron.daily or cron.hourly scripts manage to fail to run....
November 30, 2017
After many hours in development and testing we are proud to announce the release of FuseGuard 3! FuseGuard 3 ships with 11 new filters, 1 new logger and several additional improvements to better protect your CFML applications....
November 27, 2017
It was another great ColdFusion Summit event in Las Vegas this year. My company Foundeo Inc. was a sponsor again this year. It was great to meet so many new people this year....
October 19, 2017
Starting with Java 1.8.0_151 and 1.8.0_152 there is a new somewhat easier way to enable the unlimited strength jurisdiction policy for the JVM. Without enabling this you cannot use AES-256 for example....
September 21, 2017
With the General Availability release of Java 9 scheduled for today, I thought it would be appropriate to go over the new features that pertain to security.
Implement HTTP/2 Client...
April 4, 2017
I will be speaking at two conferences this month.
The conference is the Adobe CFSummit East also known as the Adobe ColdFusion Government Summit. It will be held on April 18-19, 2017 in Washington DC....
Pete Freitag