it doesn't take any expertise, this is the whole point, anyone can do it (badly)
sure something may break by being locked down, but as I said earlier, you have 2 choices.. 1. out of the box install, not secure, but your site works just fine.. So nothing to learn unless you choose to. User continues in blissful ignorance. 2. out of the box, locked down and secure, but site may break, so you have to learn something about CF security to get it working. Learning is required and not optional, user has now learnt something new and has a secure system. surely this is a no brainier. On Fri, Mar 28, 2014 at 4:01 PM, Dave Watts <dwa...@figleaf.com> wrote: > > > > If you let your nephew install a server and don't > > > bother to double check his work, that is *your* fault, no one else. > > > > What does this matter when the bad juju blows back publicly on the > product > > itself? > > > > Blaming the customer for problems in other channels typically doesn't > tend > > to end well for the seller. Thats what I am seeing here. I know you're > > right... but is that relevant to long term sales growth? I'm no longer a > > full-time CF developer. I run a company whose focus has to be on > customer > > service. I cannot imagine an approach like that surviving in my > > marketplace for long. So I'm not looking at this from a technical > > perspective. At its root this is not a tech problem at all. Its a > problem > > with consumer perception of the product. > > Like you, I'm in a business that has to focus on customer service. But > I think there's an important difference in expectations between > providing services and selling tools. My customers expect me to know > how to do things right - to understand how my tools work. When you buy > a tool, you are expected to know how to use the tool, and there is > only so much the tool vendor can do to prevent you from misusing the > tool. > > Application servers are inherently complex, and it takes a certain > level of expertise to set them up. There's no getting around that. I > agree that Adobe might be able to do a couple of things to make the > process easier, but I think those things might also have unintended > consequences - breaking existing applications, etc. In the end, > security is going to rely on the knowledge of the administrator and > developers. > > Dave Watts, CTO, Fig Leaf Software > 1-202-527-9569 > http://www.figleaf.com/ > http://training.figleaf.com/ > > Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on > GSA Schedule, and provides the highest caliber vendor-authorized > instruction at our training centers, online, or onsite. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:358182 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
