The slides that I used in my "ColdFusion Security Essentials" presentation last month (down in Rolins, GA) are now online at http://www.forta.com/cf/resources/CFMX7_Security_Essentials.swf.
ColdFusion Security Essentials Slides Posted
4 Comments
B
Ben Forta
Yeah, I wondered who'd be the first to point that out. Cobblers children. :-)
E
Eddie Awad
Good resource. It is amazing to me how many people leave their ColdFusion Administrator wide open and only protected by a password. I always restrict the /cfide/administrator folder to specific (internal) IP addresses.
Note: I had no problem browsing http://www.forta.com/cfide/administrator/.
Thank you -- eddieawad.blogspot.com
G
Greg
I see in your slides that you are extolling the security history of CF. While that may be true, I just reported a HUGE DoS problem that the QA team and dev teams already know about, in 6.1 and 7.
Hope they get it fixed soon.
L
Lola
Greg, but a DOS is unpreventable, that's why it is called DOS...lol...