Blog

Category Filtering: 'Server-Administration'

Remove Filter


CommandBox Multi-Server Support Now In Beta (v3.1.0)

Posted by Brad Wood
May 04, 2016 13:59:00 UTC

I've been just giddy testing the new Multi-server support in our latest CommandBox 3.1.0 beta.  I never knew starting up a ColdFusion 9 server could be so exciting.  Well it is when you just have to type:

CommandBox> start [email protected]

That's it. You don't need a single thing installed prior other than CommandBox.  Everything necessary will be downloaded and, depending on your internet connection speeds, you'll have a new server running in less than 60 seconds.  Don't worry, it's not limited to ColdFusion 9.  We also are supporting Adobe ColdFusion 10, 11, and 2016 as well as Railo Server 4.2 and Lucee Server 5.0 rc!

JVM Args Don't Like Line Breaks

Posted by Brad Wood
Jan 30, 2010 23:44:00 UTC
A brief hiatus today from from the PCI Compliance series to issue a quick public service announcement. I was installing my free copy of SeeFusion today that I netted in the recent give-away WebApper had. Since the target machine was CF7 on a OpenSuse Linux with the JVM upgraded to 1.4.2_11, it was a "manual" install. Pretty easy-- copy a few jar files and edit a few configs. The problem was, SeeFusion wasn't able to connect to my debugging port to capture stack traces and I couldn't figure out why.

PCI DSS Compliance Part 2 - Weak SSL And Ciphers

Posted by Brad Wood
Jan 29, 2010 23:44:28 UTC
The next stop on our PCI DSS Compliance tour is disabling weak SSL versions and encryption ciphers. If your site is handling credit card payments, it is undoubtedly using HTTPS for at least the pages that collect payment information. I thought I had already taken care of this item, but I was apparently mistaken. Fortunately, this is pretty easy to fix and if you're on Windows I've even cooked up a quick and easy registry file for you to use.

PCI DSS Compliance Part 1 - Predictable Session ID Vulnerability

Posted by Brad Wood
Jan 28, 2010 22:24:00 UTC
As a web developer you have your share of demons you have to face. If your company processes credit cards, chances are your yearly PCI DSS compliance scan is one of those demons. I thought I would do a short series on a few security items I tightened down as a result of our last PCI scan. This is by no means a comprehensive list of everything needed to pass a PCI scan. If you want to know that and have time to read a 74 page PDF you can get a copy of the Spec at www.pcisecuritystandards.org.

Two Tips For Making Sure Your Mail Gets Sent

Posted by Brad Wood
Dec 07, 2009 22:31:00 UTC
A lot of you have web servers that double as mail servers to relay out mail from your ColdFusion applications. Even if you have a separate server that handles your mail relay, this post should still be helpful. The more and more that spam proliferates on the Internet, the more antsy ISPs get about blocking mail. There are a litany of reasons an ISP might reject mail from your server. GoDaddy has been one of the most annoying companies to deal with. There are two things I had to fix on my mail server before they would accept mail from my server. Reverse DNS and Helo host name.

When GoDaddy Becomes NoDaddy

Posted by Brad Wood
Nov 08, 2009 01:52:00 UTC
Some time ago GoDaddy manged to get the IP address of my VPS in their little black book and began refusing to receive any mail which originated from it. Unfortunately for me, I use GoDaddy for my E-mail hosting and that meant I stopped getting all E-mails that were sent from my server. A couple weeks ago I got around to calling them to see just what was going on. I would rather mud-wrestle a large sea-sick crocodile before repeating this tedious conversation with their bumbling excuse for tech support. Here are the details of my correspondence with them.

Server Hardening: What Ports Do I Have Open?

Posted by Brad Wood
Sep 21, 2009 23:52:00 UTC
When you think of your production servers, you need to imagine them as your car sporting a new stereo in a parking lot with a bunch of would-be burglars milling around outside constantly checking each window and door to make sure you locked it tightly the last time you had it open. Every door, window, or keyless entry system is a potential point of invasion that can fail you. Why do you think those brinks trucks have no windows and the only way in the back is a single, beefy, padlocked door. A Brinks truck may not be convenient to access, but that isn't their goal. You need to control the ways into your server with the same gusto.

How To Get The SQL Server SPID Out Of SeeFusion

Posted by Brad Wood
Sep 21, 2009 22:19:00 UTC
I've never kept too quiet about my affection for SeeFusion as a ColdFusion monitoring tool. I use it for debugging, performance monitoring, and basic metrics gathering. Here's an old note on the JDBC URL wrappers that I found myself digging up last week. I don't even think you can find this nugget on the official SeeFusion site.

Bolt, Centuar, Flash Catalyst, and Gumbo features

Posted by Brad Wood
Jun 19, 2009 23:56:00 UTC
This Wednesday Adobe's Kevin Hoyt spoke in Kansas City to a captive audience of about 75 people including ColdFusion programmers, HTML/CSS builders, and designers. The meeting was great. It also included Jack Stack BBQ and shwag from Uhlig, Emfluence, and Tek Systems to name a few. Kevin didn't drop any bombs I hadn't heard about yet, but there were definitely a few things I learned about Adobe's up-and-coming products. Here's a quick overview of my notes:

Add Your Own Custom Tools To CF Administrator- How Did I Miss This?

Posted by Brad Wood
Mar 21, 2009 11:58:00 UTC
This is a really cool feature of ColdFusion 8 that I had totally missed but I stumbled across an article on Ray Camden's blog today. (Thanks Ray!) Basically, you can modify your ColdFusion Administrator menus to include custom tools of your own choosing. Several pre-built ones out there including SpoolMail, a nifty util to re-copy your undeliverable mail back into the spool folder; and Cache Clearer, an easy way to clear out specific folders of trusted cache.

Site Updates

Entries Search