At 09:05 11/02/2003, you wrote:
>What exactly does URLscan do?
see:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/tools/URLScan.asp
it's a http request filtering tool that runs as a high priority isapi
filter in IIS, blocking incoming requests that are considered "risky"
according to the settings in your urlscan.ini file.
Every IIS server should be running it, or something similar. We've been
running it for over a year alongside CF5 without any problems and upgraded
all our servers to version 2.5 a few months ago without a hitch. To use it
with CFMX you'll just need to ensure that you allow requests for coldfusion
files (I haven't used CFMX, but doesn't it have a new .cfc extension for
CFCs?). As far as I recall, the default config will allow requests for all
extensions that are not in the DenyExtensions list so it should work "out
of the box" for CFMX as well as CF5.
Mark
______________________________________________________________________
This list and all House of Fusion resources hosted by CFHosting.com. The place for
dependable ColdFusion Hosting.
------------------------------------------------------------------------------
To unsubscribe, send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body or visit the list page at www.houseoffusion.com
