Blog Consulting Products Contact

ColdFusion Category

2022

Spring4Shell and ColdFusion

2021

Log4j CVE-2021-44228 Log4Shell Vulnerability on ColdFusion / Lucee
Listing loaded OSGI Bundles in Lucee
Securing ColdFusion Applications - DevWeek 2021
URL Safe Base64 Encoding / Decoding in CFML
Using Hashicorp Vault with ColdFusion
SessionInvalidate for JEE Sessions
Is maxlength necessary in cfqueryparam with timestamps?

2020

ColdFusion Summit Fall 2020
CFML Left and Right Functions can Accept Negative Counts
Setting Lucee Admin Password with CommandBox
Cleaning up Development Disk Space CommandBox
ColdFusion 2020 Developer Week - Securing CF
Slides: Continuous Integration Zero to Infinity
Dumping HTTP Servlet Request Attributes and Parameters in CF
Scan CFML for Security Issues from VS Code
Minibox - a tiny commandbox docker image
6 ways to stay connected with other CF developers
CFParam for Integer or Empty String

2019

Is it necessary to cfqueryparam all values?
Slides from my 2019 ColdFusion Summit Las Vegas Talk
Development SSL / TLS with CommandBox
ColdFusion Function Arguments now support Integer
Tuning Tomcat IIS Connectors worker.properties and server.xml
Tomcat Virtual Directory Howto
Fixinator and Foundeo Security Bundle
Running CFML on AWS Lambda with FuseLess Slides
Updating Java on ColdFusion or Lucee
ColdFusion returning empty response with server-error: true
Careful applying CF11u16, CF2016u8, CF2018u2
csrfVerifyToken does not invalidate the token
The cf_sql_ is optional in cfqueryparam

2018

SameSite Cookies with IIS

2017

Announcing FuseGuard Version 3
CFSummit 2017
Upcoming CFML Conferences in April 2017

2016

CFSummit 2016 Slides
Securing Legacy CFML - dev.Objective() 2016 Slides

2015

My CFSummit 2015 Slide Decks
Adding Chrome Custom Search for CFDocs
Disable Flash Remoting on ColdFusion Servers
HackMyCF Adds SSL/TLS Scanner
IncompatibleClassChangeError after ColdFusion 11 Update 5
Scope Injection in CFML

2014

Upload Files Directly to Amazon S3 using ColdFusion
SessionRotate solution for JEE Sessions
False TemplateNotFoundException ColdFusion 9

2013

ColdFusion defaults avoid flawed Random Number Generator
FuseGuard 2.4 Released
New HackMyCF Features
CFDocs site now Open Source
Getting Size of Heap and Non Heap Memory in CFML
Writing Secure CFML cfObjective 2013 Slides
J2EE Sessions in CF10 Uses Secure Cookies
Learn about ColdFusion Security at cfObjective 2013
Session Loss and Session Fixation in ColdFusion
FuseGuard 2.3 Released

2012

CKEditor Spell Checker Plugin
Adobe Says Go Ahead and Upgrade your ColdFusion JVM
Announcing CFML Weekly Email
Minor bug in ColdFusion 10 Linux Startup Scripts
Understanding HashDos and postParameterLimit
ColdFusion 10 Security Enhancements Presentation
Speaking at ColdFusion Developer Week 2012
Speaking at ColdFusion Zeus Preview Event in DC
Setup ColdFusion 9.0.1 Fully Patched
Enabling Unlimited Strength Cryptography in ColdFusion

2011

HashDOS and ColdFusion
HackMyCF Updated for APSB11-29 Security Hotfix
Adobe eSeminar on FuseGuard
Determining Which Cumulative Hotfixes are Installed on ColdFusion
Adding Two Factor Authentication to ColdFusion Administrator
ColdFusion Developer Week at Adobe.com
Bug Loading Scripts for CFFileUpload and CFMediaPlayer
Video: Installing FuseGuard
Client Variable Cookie CFGLOBALS Includes Session Ids
Maximum Security CFML - cfObjective Slides
ColdFusion Lockdown Series - Multiple Partitions
ColdFusion's Builtin Enterprise Security API
Recent ColdFusion Security Hotfix Updated Today
Important Java Security Patch Released
HackMyCF Scanner Updated
Sponsoring and Speaking at cf.Objective() 2011
Changing the ColdFusion CFIDE Scripts Location
Announcing HackMyCF Paid Subscriptions

2010

Troubleshooting ColdFusion 9 .NET Integration Issues
Setting up HTTPOnly Session Cookies for ColdFusion
Path Traversal Vulnerability Security Hotfix for ColdFusion Released
Using AntiSamy with ColdFusion
Writing Secure CFML Slides from CFUnited 2010
Locking Down ColdFusion Presentation Slides
Using jQuery UI Autocomplete with Hidden ID's
10 Ideas to Improve Security in ColdFusion 10
CFMeetup Thursday: Intro to FuseGuard and Web Application Firewalls
How to Disable Robust Exception Information on Lucee or Railo
Is your ColdFusion Administrator Actually Public?
HackMyCF.com Now Detects BlazeDS Vulnerability
Last Day to win Free ColdFusion Security Training
Cache Template in Request Setting Explained
What Version of Java is ColdFusion Using?

Pete Freitag

Pete is a husband and father located in scenic Central New York area. He owns a ColdFusion Consulting & Products company, Foundeo Inc. Pete is a frequent speaker at national conferences including Adobe ColdFusion Summit, Into The Box and others. He holds a BS in Software Engineering from Clarkson University. Read more about pete here.