Locking Down ColdFusion Presentation Slides
The slides for my 2010 CFUnited presentation Locking Down ColdFusion are now available. The presentation is based on the ColDFusion 9 Lockdown Guide whitepaper that I wrote for Adobe. It covers various techniques to make your ColdFusion installation more secure.
I also presented on Writing Secure CFML at CFUnited which as you can probably gather is more dedicated to the coding side of things. Those slides will be available soon.
- Is your ColdFusion Administrator Actually Public? - April 28, 2010
- Howto Require SSL for ColdFusion Administrator - October 23, 2009
- CFSummit 2016 Slides - October 17, 2016
- Scope Injection in CFML - March 3, 2015
- New HackMyCF Features - October 24, 2013
Your link to the guide on Adobe's website is broken. Also, you have a capital "D" in ColdFusion (e.g. ColDFusion).
- ColdFusion returning empty response with server-error: true
- Careful applying CF11u16, CF2016u8, CF2018u2
- Sessions don't work in Chrome but do in IE
- csrfVerifyToken does not invalidate the token
- The cf_sql_ is optional in cfqueryparam
- Cookie Expires / Max-Age 1969-12-31T23:59:59.000Z
- Burst Throttling on AWS API Gateway Explained
- How to Resolve Java HTTPS Exceptions