A book I found last month has some useful info on URLs and CFIncludes (a
chapter devoted to CF):
"HackProofing Your Web Applications" by Jeff Forrisal and Julie Traxler
(Syngress Publications)
Thanks,
Mark
-----Original Message-----
From: Daryl Fullerton [mailto:[EMAIL PROTECTED]]
Sent: Sunday, August 12, 2001 10:38 AM
To: CF-Talk
Subject: Hacking CF Web Sites and Applications
Hi all,
Any one got general advice on how to prevent hackers from getting access to
CF sites via back doors and tampering with data
We dont want the hackers to be able to change data via URL strings.
e.g Encrypting URL variables etc
Anything else we should look at
Any good articles out there?
Thanks
Daryl Fullerton,
Managing Partner,
BizNet Solutions,
Allaire Premier Partner (Ireland)
133 - 137 Lisburn Road
Belfast
BT9 7AG
N.Ireland
Direct +44 (0) 28 9022 7888
Tel +44 (0) 028 9022 3224
Fax +44 (0) 028 9022 3223
[EMAIL PROTECTED]
Http://www.BizNet-Solutions.com
[EMAIL PROTECTED] (Chairman)
Http://www.cfug.ie The Irish Cold Fusion User Group
----- Original Message -----
From: "Dave Watts" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Saturday, August 11, 2001 7:32 PM
Subject: RE: CF and Verity Information Server
> > Anyone have any experience using a Verity server EXTERNAL to the CF
> > Server? Running the Verity included with CF5 is hitting the server's
> > performance too much so we set up a second server running Verity
> > Information Server 3.7.
> >
> > But I haven't the foggiest idea where to begin telling CF5 to use that
> > external server for search processing, etc.
> >
> > Can anyone point me to any documentation on this?
>
> I'm pretty sure you can set up the K2 server included with CF 5 on a
> different machine, and connect to it from the CF 5 server. I haven't
> actually tried this yet, though. The K2 stuff is covered somewhat in the
CF
> 5 docs, available in PDF on the Macromedia site. In the CF 5
Administrator,
> you can specify the host and port to connect to. I suspect that indexing
and
> collection creation might be a bit more complex using this.
>
> In addition, Fig Leaf's own Dave Gallerizzo did a brief Verity
presentation
> available here:
>
http://www.figleaf.com/figleafhome/cfug/2001/CFUGAug2001/VerityK2Server.zip
>
> Dave Watts, CTO, Fig Leaf Software
> http://www.figleaf.com/
> voice: (202) 797-5496
> fax: (202) 797-5444
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
