Thanks. My main concern is from the CF side of things. The network admins can look at the rest. I am introducing CF here at my new employer and I will need to provide this type of info for them if they choose to go with CF.
-----Original Message----- From: webguy [mailto:[EMAIL PROTECTED] Sent: Monday, June 30, 2003 11:58 AM To: CF-Talk Subject: RE: Questions about security Secure Windows - get the O'reilly book http://www.oreilly.com/catalog/securwinserv/ http://www.microsoft.com/security/ Secure IIS - http://www.iisfaq.com/default.aspx?view=P142 Secure SQL server -http://www.sqlsecurity.com/DesktopDefault.aspx Use database roles etc.. Secure CFMX - http://www.macromedia.com/devnet/security/security_zone/ Secure your application. e.g. http://secinf.net/websecurity/ CF specific - http://www.macromedia.com/support/coldfusion/technotes.html [short list] Possibly encrypt your data, or build a write only database table. For example you will probably never need to show a credit card number on a website (maybe some of it - last 5 digits), but will need to use it on a back end. Use a different database role to read it. WG -----Original Message----- From: Eric Creese [mailto:[EMAIL PROTECTED] Sent: 30 June 2003 17:35 To: CF-Talk Subject: Questions about security I have some questions about CFMX security, loop hole, pit falls and configuration. I have two Win2k clustered servers that will contain membership data that will be stored in SQL Server DB on a third server. I need to insure that I will not be hacked. Is there any particular configuration that is recommended or issues? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
