ColdFusion Security Reminder - READ NOW

By Raymond Camden
Expert Author
Article Date: 2007-05-18

I know I've blogged this before, and it's covered in my security checklist, but folks, stop what you are doing and make these changes right now on your production server...

* In the ColdFusion Admin, Debug Settings, turn off Enable Robust Exception Info.

* In the ColdFusion Admin, Settings, set a site-wide error handler. You only need to do this if you didn't bother to use onError or . You don't need a pretty page. You can just say 'Error!' and be done. This is still 10x better than exposing an error page to your user.

The above changes will take you - approximately - 2 minutes. So please do this.... now.
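A minimal site-wide error handler of the kind described above, as an added example (not code from the original article). The file name `error.cfm` and the log name `sitewide_errors` are assumptions, and the template assumes the `error` structure that ColdFusion makes available to error-handling templates. It logs the details on the server and sends the visitor nothing but a generic message.

```cfml
<!--- error.cfm (hypothetical name): added example. Enter its path as the
      site-wide error handler in the ColdFusion Admin, Settings page. --->
<cfsilent>
    <!--- Collect details for the server-side log only; none of this reaches the browser. --->
    <cfset detail = "">
    <cfif isDefined("error.template")>
        <cfset detail = detail & "template=" & error.template & "; ">
    </cfif>
    <cfif isDefined("error.message")>
        <cfset detail = detail & "message=" & error.message & "; ">
    </cfif>
    <cfif isDefined("error.remoteAddress")>
        <cfset detail = detail & "client=" & error.remoteAddress & "; ">
    </cfif>
    <cfif isDefined("error.queryString")>
        <cfset detail = detail & "query=" & error.queryString & "; ">
    </cfif>
    <cfif not len(detail)>
        <cfset detail = "no error structure available">
    </cfif>
    <!--- Replace CR/LF so request-controlled values cannot forge extra log lines,
          and cap the length so one failing request cannot flood the log. --->
    <cfset detail = reReplace(detail, "[#chr(13)##chr(10)#]+", " ", "all")>
    <cfset detail = left(detail, 1000)>
    <cflog file="sitewide_errors" type="error" text="#detail#">
</cfsilent>
<!--- Discard any partially rendered page, then answer with a bare 500. --->
<cfheader statuscode="500" statustext="Internal Server Error">
<cfcontent type="text/html; charset=utf-8" reset="true">
<!DOCTYPE html>
<html>
<head><title>Error</title></head>
<body><p>Error!</p></body>
</html>
```

The response body never echoes `error.message` or any other exception field, so stack traces, template paths and SQL fragments stay in the log rather than on the page.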


About the Author:
Raymond Camden, ray@camdenfamily.com
http://ray.camdenfamily.com

Raymond Camden is Vice President of Technology for roundpeg, Inc. A long time ColdFusion user, Raymond has worked on numerous ColdFusion books and is the creator of many of the most popular ColdFusion community web sites. He is an Adobe Community Expert, user group manager, and the proud father of three little bundles of joy.