ColdFusion Category

2022

• Creating a ColdFusion UUID in MySQL
• Better CFML Code with CI
• How to read a ColdFusion Stacktrace
• Spring4Shell and ColdFusion

2021

• Log4j CVE-2021-44228 Log4Shell Vulnerability on ColdFusion / Lucee
• Listing loaded OSGI Bundles in Lucee
• Securing ColdFusion Applications - DevWeek 2021
• URL Safe Base64 Encoding / Decoding in CFML
• Using Hashicorp Vault with ColdFusion
• SessionInvalidate for JEE Sessions
• Is maxlength necessary in cfqueryparam with timestamps?

2020

• ColdFusion Summit Fall 2020
• CFML Left and Right Functions can Accept Negative Counts
• Setting Lucee Admin Password with CommandBox
• Cleaning up Development Disk Space CommandBox
• ColdFusion 2020 Developer Week - Securing CF
• Slides: Continuous Integration Zero to Infinity
• Dumping HTTP Servlet Request Attributes and Parameters in CF
• Scan CFML for Security Issues from VS Code
• Minibox - a tiny commandbox docker image
• 6 ways to stay connected with other CF developers
• CFParam for Integer or Empty String

2019

• Is it necessary to cfqueryparam all values?
• Slides from my 2019 ColdFusion Summit Las Vegas Talk
• Development SSL / TLS with CommandBox
• ColdFusion Function Arguments now support Integer
• Tuning Tomcat IIS Connectors worker.properties and server.xml
• Tomcat Virtual Directory Howto
• Fixinator and Foundeo Security Bundle
• Running CFML on AWS Lambda with FuseLess Slides
• Updating Java on ColdFusion or Lucee
• ColdFusion returning empty response with server-error: true
• Careful applying CF11u16, CF2016u8, CF2018u2
• csrfVerifyToken does not invalidate the token
• The cf_sql_ is optional in cfqueryparam

2018

• SameSite Cookies with IIS

2017

• Announcing FuseGuard Version 3
• CFSummit 2017
• Upcoming CFML Conferences in April 2017

2016

• CFSummit 2016 Slides
• Securing Legacy CFML - dev.Objective() 2016 Slides

2015

• My CFSummit 2015 Slide Decks
• Adding Chrome Custom Search for CFDocs
• Disable Flash Remoting on ColdFusion Servers
• HackMyCF Adds SSL/TLS Scanner
• IncompatibleClassChangeError after ColdFusion 11 Update 5
• Scope Injection in CFML

2014

• Upload Files Directly to Amazon S3 using ColdFusion
• SessionRotate solution for JEE Sessions
• False TemplateNotFoundException ColdFusion 9

2013

• ColdFusion defaults avoid flawed Random Number Generator
• FuseGuard 2.4 Released
• New HackMyCF Features
• CFDocs site now Open Source
• Getting Size of Heap and Non Heap Memory in CFML
• Writing Secure CFML cfObjective 2013 Slides
• J2EE Sessions in CF10 Uses Secure Cookies
• Learn about ColdFusion Security at cfObjective 2013
• Session Loss and Session Fixation in ColdFusion
• FuseGuard 2.3 Released

2012

• CKEditor Spell Checker Plugin
• Adobe Says Go Ahead and Upgrade your ColdFusion JVM
• Announcing CFML Weekly Email
• Minor bug in ColdFusion 10 Linux Startup Scripts
• Understanding HashDos and postParameterLimit
• ColdFusion 10 Security Enhancements Presentation
• Speaking at ColdFusion Developer Week 2012
• Speaking at ColdFusion Zeus Preview Event in DC
• Setup ColdFusion 9.0.1 Fully Patched
• Enabling Unlimited Strength Cryptography in ColdFusion

2011

• HashDOS and ColdFusion
• HackMyCF Updated for APSB11-29 Security Hotfix
• Adobe eSeminar on FuseGuard
• Determining Which Cumulative Hotfixes are Installed on ColdFusion
• Adding Two Factor Authentication to ColdFusion Administrator
• ColdFusion Developer Week at Adobe.com
• Bug Loading Scripts for CFFileUpload and CFMediaPlayer
• Video: Installing FuseGuard
• Client Variable Cookie CFGLOBALS Includes Session Ids
• Maximum Security CFML - cfObjective Slides
• ColdFusion Lockdown Series - Multiple Partitions
• ColdFusion's Builtin Enterprise Security API
• Recent ColdFusion Security Hotfix Updated Today
• Important Java Security Patch Released
• HackMyCF Scanner Updated
• Sponsoring and Speaking at cf.Objective() 2011
• Changing the ColdFusion CFIDE Scripts Location
• Announcing HackMyCF Paid Subscriptions

2010

• Troubleshooting ColdFusion 9 .NET Integration Issues
• Setting up HTTPOnly Session Cookies for ColdFusion
• Path Traversal Vulnerability Security Hotfix for ColdFusion Released
• Using AntiSamy with ColdFusion
• Writing Secure CFML Slides from CFUnited 2010
• Locking Down ColdFusion Presentation Slides
• Using jQuery UI Autocomplete with Hidden ID's
• 10 Ideas to Improve Security in ColdFusion 10
• CFMeetup Thursday: Intro to FuseGuard and Web Application Firewalls
• How to Disable Robust Exception Information on Lucee or Railo
• Is your ColdFusion Administrator Actually Public?
• HackMyCF.com Now Detects BlazeDS Vulnerability