Blog

Blog posts tagged ColdFusion
23Jul
2014
ColdFusion Builder Updated

ColdFusion Builder 3 Update 2 has been released. It addresses a series of issues, as defined in this post. The team has also posted some notes on ColdFusion Builder 3 automatic updates notification and installation options.

Read More ›

29Apr
2014
ColdFusion 11 Now Available

The ColdFusion team has announced the release of the next major version of the product, ColdFusion 11. Here are details on some of the new features, and the updated buying guide highlights edition differences. We've also released a significantly updated ColdFusion Builder 3.

Read More ›

25Apr
2014
GCN On ColdFusion And The Most Secure Programming Language

GCN has posted a story on the most secure web language based on data from WhiteHat Security in its 2014 Website Security Statistics Report. WhiteHat performed vulnerability assessments of more than 30,000 websites using .NET, Java, ASP, PHP, ColdFusion, and Perl.

Read More ›

11Apr
2014
Upcoming ColdFusion Seminars

With the next major version of ColdFusion now in public beta, the ColdFusion team is hosting a series of online seminars.

Read More ›

20Mar
2014
Into The Box 2014

A day before cf.Objective() 2014, the ColdBox team is hosting the one-day Into The Box 2014, featuring sessions on the entire ColdBox family - WireBox, CacheBox, LogBox, TestBox, ProfileBox, and more.

Read More ›

17Mar
2014
Krebs On Security ColdFusion Story

Krebs on Security has posted a story with the link bait title of The Long Tail of ColdFusion Fail. The title is misleading; the story is not about ColdFusion fails at all, but about IT failing to keep servers up to date to deal with already addressed security holes. But, wrong title aside, the message is one worth repeating.

Read More ›

19Feb
2014
ColdFusion Splendor And Thunder Public Beta

The next major versions of ColdFusion (codenamed "Splendor") and ColdFusion Builder (codenamed "Thunder") are now available for public beta over on Adobe Labs.

Read More ›

12Nov
2013
ColdFusion Security Update Posted

The ColdFusion team has announced a security hotfix for CF9.x and CF10. Here are some details.

Read More ›

10Nov
2013
Neglected ColdFusion Servers Invite Hackers

Information Week has published an important article entitled ColdFusion Hacks Point To Unpatched Systems. The basic premise is nothing ColdFusion specific; if you deploy public facing servers and then neglect to patch or update them, well, you're asking for trouble. That said, ColdFusion seems to be particularly vulnerable not because of the software itself, but because ColdFusion servers are often deployed and used by less experienced developers and administrators. (That, and many are considered "legacy" code for "we'll keep using it but will never actually pay attention to it").

If you host public facing servers, then you have a responsibility to manage and maintain them. So, two practical suggestions:

  • If you are not using ColdFusion 10, upgrade now! ColdFusion 10 can notify you of available updates, and also simplifies installing them. While I wish ColdFusion would have offered this years ago, it does offer it now, so use it!
  • Sign up with HackMyCF, a monitoring service that will probe your ColdFusion servers and will then send you notifications and alerts. It's inexpensive, and will more than pay for itself the first time it alerts you to plug a hole.

Read More ›

21Oct
2013
cf.Objective() 2014

It's been quite a few years since I made it to cf.Objective(), it's a great conference and one I've regretted missing. cf.Objective() 2014 details are now online, and the call for speakers is open.

Read More ›