I also once had a client who did this; they were Linux heads who thought
that hiding the "sucky insecure windows/cf server" behind a Linux server
and doing a reverse proxy would make it secure.
But of course it didn't, as everything still works the same way: the SQL
injections still got through, and the insecure file upload forms still allowed
files to be uploaded, which could then be executed as they had cfexecute
and cfregistry enabled.

The worst thing is this was the government's hosting dept :-)


On Fri, Mar 28, 2014 at 6:13 PM, Dave Watts <dwa...@figleaf.com> wrote:

>
> > I am particularly amused by the last category where NGINX has more
> > market share than IIS in the top million busiest sites.
>
> I'm not all that surprised. Very busy sites are likely to have better
> infrastructure. Nginx makes a very good reverse proxy for internal
> servers. I have a customer in the top 10k Netcraft ranking doing
> exactly that, using IIS and CF internally, and exposing them to public
> access only through reverse proxies.
>
> Dave Watts, CTO, Fig Leaf Software
> 1-202-527-9569
> http://www.figleaf.com/
> http://training.figleaf.com/

Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:358206