Will Tomlinson wrote: > > I just landed a contract and potential full time job at the local community > college. They'll be installing CF pretty soon too (WOOHOO)! > > I had a talk with their server guy, and he informed me that I wouldn't be > able to FTP my updates to the site because hackers target education > institutions, and he doesn't allow any FTP access.
I am in a somewhat similar position (pro bono serveradmin for students at uni here) and I just killed FTP in the specs for the next incarnation of the CF server. Normal FTP is technically insecure because it is a plain text protocol, is socially insecure because people use Internet Explorer for FTP access from public computers (which stores passwords) and is unwanted because people in general do not understand FTP (passive/active), use IE to FTP and have crazy firewall setups all resulting in many support calls. While as a professional web developer only the first reason applies to you, the other reasons probably apply to all other people that want access (teachers etc.). I can imagine he doesn't want to deal with that. > I have to give him my updates on a thumb drive and *he* puts them on the > server. That does not sound right. It is a manual process (error prone) and it makes you completely dependent on him. In my case I choose to put WebDAV over SSL in the specs, allowing people to just map the server in their Network Locations or mount the server as part of the file system (davfs2). It solves the technical security and usability issues, but not the social security issues. Another option would have been scp/sftp, but that was deemed support-intensive for this particular case. You might not be able to persuade your server admin, in which case you should consider whether making deployment an automated process is an option. Have some scripts that deploy straight from the source control system, where he writes the scripts to his liking and you can execute them. Jochem ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:210473 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
