Some of the design choices in Office 2007 really baffle me. Some simple tasks just cannot be completed without jumping through so many hoops. I can’t understand why this isn’t on every website in the entire world! But, I hope this helps some of you out: Go To: My Computer > Tools > Folder Options > File Types [...]
Category Archives: Windows
Setting secure attribute of JSESSIONID cookie in ColdFusion 8
As part of PCI compliance our servers were run through third party security auditing and one warning we received was “Missing Secure Attribute in an Encrypted Session (SSL) Cookie”. This warning referred to the JSESSIONID cookie being set in our SSL enabled pages not having the SECURE attribute set. In ColdFusion there is no way [...]
Web data security paranoia
My recent experiences with several hacking attacks has made me think more about application and data security on the web. In today’s world nothing can be taken for granted and security should be of the highest concern, no mater how simple you think your application or trivial the data you store. Many web applications are [...]
Also posted in ColdFusion, Databases, PHP, Security Tagged ColdFusion, database, encryption, Security, SQL Server 1 Comment
Preventing SQL Injection attacks in ColdFusion
This is an article I came across on Ben Forta’s blog. This gives some very good tips on preventing SQL injection attacks and provides some excellent best practices. http://www.adobe.com/devnet/coldfusion/articles/sql_injection.html When I took up my current position we had to do a vulnerability scan to become PCI compliant and well we originally failed horribly. After much [...]
HostMySite security breach
I recently posted an article about a security breach on my web server which was as a result of my own stupidity but when a site that I manage and host on HostMySite.com is breached twice in 4 days I get extremely peeved. The incident occurred on their ColdFusion shared hosting plan and an attacker [...]
