New HackMyCF Features
Connector Version Check
Did you know that when you run the CF10 updater it doesn't update your web server connectors, you have to do that manually? Do you have any idea if you are running the latest web server connector? As part of your HackMyCF report (with our cfm file installed on your server) you can now see if you are running the latest connector for (CF9+). See an example report for CF9 or CF10.
Your /CFIDE directory is a target for hackers to upload a malicious backdoor/shell cfm file because it is an implicit mapping, and often has full sandbox permissions when sandbox security is enabled. The latest version of HackMyCF's probe (this is the cfm file you place on your server that we connect to) can send back a listing of files and their MD5 checksums, allowing HackMyCF to find some of these malicious files. This update also lays the ground work for us to alert you when files are added or modified in /CFIDE.
- HackMyCF Updated for APSB11-29 Security Hotfix - December 15, 2011
- Determining Which Cumulative Hotfixes are Installed on ColdFusion - September 20, 2011
- Changing the ColdFusion CFIDE Scripts Location - January 10, 2011
- Is your ColdFusion Administrator Actually Public? - April 28, 2010
- HackMyCF.com Now Detects BlazeDS Vulnerability - April 27, 2010
- SameSite Cookies with IIS
- Facebook API Now Requires Review for user_friends Permission
- Docker Container exited with code 137
- Why is my cron.daily script not running?
- Announcing FuseGuard Version 3
- CFSummit 2017
- Java Unlimited Strength Crypto Policy for Java 9 or 1.8.0_151
- Java 9 Security Enhancements