Yes Raymond, in the world I live in where I often have to go in and clean up a mess made by inexperienced developers or the client's nerdy nephew, there are people who are unaware that extra server lock down would be necessary. There are also noobs who get hired at web hosting companies who don't know that servers need to be hardened, and install anything that looks shiny without understanding what they are doing. The existence of so many website vulnerabilities due to people who don't know what they are doing installing or supporting servers is proof positive of this,
Playing attention to the requirement to inform these people about the need for extra lock down early in the process would be more effective in solving the problem than Adobe employees and evangelists ignoring the fact that these people exist and doing nothing more than yelling Rah, Rah, Adobe as if the company had no place in the solution. On Thu, Mar 27, 2014 at 6:52 PM, Raymond Camden <raymondcam...@gmail.com> wrote: > > On Thu, Mar 27, 2014 at 8:12 PM, Maureen <mamamaur...@gmail.com> wrote: > >> >> And that "direction on how to secure it more" exists where exactly? >> Is it in the install instructions, or only in some obscure document >> that a person unfamiliar with the need for security might not know >> about? >> >> > So to be clear - there are people installing servers who don't know that > security is important? > > Nothing can help them. > > I don't know about you - but pretty much *any* tech I use, I know to google > "foo security" to see what resources exist for securing the app, install, > etc. Number one result for coldfusion security was > > http://www.adobe.com/devnet/coldfusion/security.html ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:358151 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
