Steve, One should at least explain why hosts disable those tags. They are all dangerous tags that provide IO access and the host is probably just be cautious. If these were just enabled by default then the server could be hacked in about 5 seconds. However some of those tags should be allowed with a security sandbox, so ask them if you can have one. There is no reason not to allow the following with a sandbox.
CFCOLLECTION CFCONTENT CFDUMP CFLOG CFOBJECTCACHE SetProfileString However No host should ever allow the following, if they do, I suggest you move as they are very insecure indeed. CreateObject(COM) Cfexecute Cfregistry. The following are also very dangerous and a sandbox doesn't really help, but most hosts have to allow them because none of the frameworks will work without them. CreateObject(JAVA) CFOBJECT This list you have supplied is however rather short, there should actually be many more tags disabled such as cffile and cfdirectory for a start. If this is the only list they gave you, then I would say they have no idea what they are doing with ColdFusion we allow almost all tags with a security sandbox and have been doing CF hosting for 10 years. See the DEVELOPER NOTES tab on this page for more details. http://www.cfmxhosting.co.uk/index.cfm?action=services.hosting Regards -- Russ Michaels www.cfmldeveloper.com - free CFML hosting for developers my blog: http://russ.michaels.me.uk/ skype: russmichaels ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:338999 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
