ColdFusion 8 Security Whitepaper

coldfusion Adobe has published a whitepaper called: ColdFusion 8 Product Security Briefing, which outlines the results of an independent security audit from Information Risk Management Plc.

This entry was:

Seinfeld's Productivity Tip

misc LifeHacker has a great productivity tip from Jerry Seinfeld.

Here's how it works, let's say you want to learn about all the new features in ColdFusion 8. Now grab a wall calendar, and a red marker. Every day that you learn about a new feature mark a red X on that day.

This entry was:

How many iPhone Visitors have you had?

apple I was curious if anyone was using an iPhone to read my blog yet, I'm sure before too long we will all be optimizing our sites for 3.5" displays. To find out I did a little grep on my Apache log file and piped it to wc to count the number of matches:

fgrep 'iPhone;' access.

This entry was:

Firefox Now Supports HttpOnly Cookies

web You may be surprised to learn that Microsoft Internet Explorer has supported a a security feature called HttpOnly cookies since IE 6 SP1.

Firefox, which was released just the other day, now supports it.

This entry was:

Pinging Search Engines when Sitemaps Change

web Here's another little known feature about the sitemaps protocol, you can actually ping search engines and crawlers to tell them about your sitemap, or to tell them that it has changed.

This entry was:

8 Ways to Save Bandwidth on your RSS Feed

web One of the things you will notice after you have published an rss feed is that it will consume a lot of the bandwidth. For example on 18% of the requests are for RSS feeds. This is no wonder since feed readers may download your feed several times a day even if nothing has changed.

This entry was:

ColdFusion Security Presentation Slides

coldfusion I want to thank everyone who attended my sessions at CFUnited this year. I was particularly amazed by the turnout for Building Secure CFML Applications. Here are the slides for the presentation.

This entry was:

Announcing Web Application Firewall for ColdFusion

coldfusion I'm proud to announce a Web Application Firewall for ColdFusion, a new product that I have been working on. This product detects malicious requests (such as SQL Injection, Cross Site Scripting, etc) and then logs, filters, or blocks the request.

This entry was:

Web Application Security Blog Aggregator

web Christian Matthies has recently setup an aggregator for web application security related blogs called Planet Web Security. Highly recommended for staying on top of the latest web application security threats and exploits.

This entry was:

RSS Presentation Code and Slides

coldfusion Several people have asked me for the code samples and slides from my RSS presentation at the CFUnited conference (Working with RSS in ColdFusion). As promised, the slides and code examples are now up online.

This entry was:


did you hack my cf?