Category Archives: Windows
Web data security paranoia
My recent experiences with several hacking attacks has made me think more about application and data security on the web. In today’s world nothing can be taken for granted and security should be of the highest concern, no mater how simple you think your application or trivial the data you store. Many web applications are [...]
Also posted in ColdFusion, Databases, PHP, Security Tagged ColdFusion, database, encryption, Security, SQL Server 1 Comment
Preventing SQL Injection attacks in ColdFusion
This is an article I came across on Ben Forta’s blog. This gives some very good tips on preventing SQL injection attacks and provides some excellent best practices.
http://www.adobe.com/devnet/coldfusion/articles/sql_injection.html
When I took up my current position we had to do a vulnerability scan to become PCI compliant and well we originally failed horribly. After much work we [...]
HostMySite security breach
I recently posted an article about a security breach on my web server which was as a result of my own stupidity but when a site that I manage and host on HostMySite.com is breached twice in 4 days I get extremely peeved. The incident occurred on their ColdFusion shared hosting plan and an attacker [...]
File upload timeouts on IIS 6
Scenario:
Simple file upload application using ColdFusion 8 on IIS 6 and Windows 2003 server. The application allows for large files to be uploaded to the server for backend processing. File sizes range from 10MB – 300 MB.
Problem:
File upload fails for files greater than 30MB.
Analysis:
Several options were investigated including the following:
Maximum upload file size in ColdFusion [...]
Also posted in ColdFusion, IIS, Programming, Server Tagged ColdFusion, IIS, Programming, Windows 2 Comments
Setting secure attribute of JSESSIONID cookie in ColdFusion 8