4 thoughts

  1. Good resource. It is amazing to me how many people leave their ColdFusion Administrator wide open and only protected by a password. I always restrict the /cfide/administrator folder to specific (internal) IP addresses.
    Note: I had no problem browsing http://www.forta.com/cfide/administrator/.
    Thank you — eddieawad.blogspot.com

  2. I see in your slides that you are extolling the security history of CF. While that may be true, I just reported a HUGE DoS problem that the QA team and dev teams already know about, in 6.1 and 7.
    Hope they get it fixed soon.

Leave a Reply