Right on Matt, point taken. I still think shared hosting is the correct decision for nearly 99% of the sites out there. I mean the dbs should always be locked-down with username/passwords on that end. But like you said before Matt, you can get around all sandboxes and tag restrictions by tapping directly in j2ee. So what's really the point in trying to restrict access.
The fact is that if a site has any type of private data, you wouldn't be outsourcing hosting. If malicious uses do attack through the shared environment, I expect the host to be liable. You should ease up Alex, my original post was "no one has had anything bad to say about them", so the door was pretty much wide-open for a smack down. Adam Wayne Lehman Web Systems Developer Johns Hopkins Bloomberg School of Public Health Distance Education Division -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Liotta Sent: Thursday, July 31, 2003 4:36 PM To: [EMAIL PROTECTED] Subject: Re: [CFCDev] CF hosting provider? While I agree with the premise of the blog entry that shared hosting is risky no matter the application server, some application servers are a lot safer running in a shared hosting environment than others e.g. CF 5 is safer than CFMX. It seems like time would be better spent addressing CFMX's security issues as opposed to making it seem like there is nothing to be done. -Matt On Thursday, July 31, 2003, at 04:16 PM, Phil Cruz wrote: > Ben Forta commented on "Shared Hosting Has Inherent Risks" on his > blog. > > http://forta.com/blog/index.cfm?mode=e&entry=855 > > > > At 04:08 PM 7/31/2003 -0400, you wrote: >> What makes you say that or what do you mean by insecure? Does that >> mean >> all CFMX shared hosting is insecure? >> >> Adam Wayne Lehman >> Web Systems Developer >> Johns Hopkins Bloomberg School of Public Health >> Distance Education Division >> >> >> -----Original Message----- >> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On >> Behalf Of Matt Liotta >> Sent: Thursday, July 31, 2003 2:09 PM >> To: [EMAIL PROTECTED] >> Subject: Re: [CFCDev] CF hosting provider? >> >> Well, if you are fishing... since they offer shared hosting plans that >> include ColdFusion MX, their shared servers are insecure. >> >> -Matt >> >> On Thursday, July 31, 2003, at 02:02 PM, Adam Wayne Lehman wrote: >> >> > As this question comes up a bit, I�ll just be to the point. The >> > majority of everyone seems to endorse www.crystaltech.com and no one >> > has had anything bad to say about them. >> > >> > >> > >> > Adam Wayne Lehman >> > Web Systems Developer >> > JohnsHopkinsBloombergSchool of Public Health >> > Distance Education Division >> > >> > >> > >> > -----Original Message----- >> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On >> > Behalf OfSt�phane Bisson >> > Sent: Wednesday, July 30, 2003 11:47 PM >> > To: [EMAIL PROTECTED] >> > Subject: [CFCDev] CF hosting provider? >> > >> > >> > >> > Is anybody using hostmysite.com as a CF hosting provider? I have >> heard >> >> > some good things about them and was hoping to get some opinions. I >> am >> > actively looking for someone to host us. We are using CF, FR, Flash >> > and Flash communication server along with SQL2000. >> > >> > Appreciate your input. Thanks >> > >> > >> > >> > Stephane >> > >> >> ---------------------------------------------------------- >> You are subscribed to cfcdev. To unsubscribe, send an email >> to [EMAIL PROTECTED] with the word 'unsubscribe cfcdev' >> in the message of the email. >> >> CFCDev is run by CFCZone (www.cfczone.org) and supported >> by Mindtool, Corporation (www.mindtool.com). >> >> ---------------------------------------------------------- >> You are subscribed to cfcdev. To unsubscribe, send an email >> to [EMAIL PROTECTED] with the word 'unsubscribe cfcdev' >> in the message of the email. >> >> CFCDev is run by CFCZone (www.cfczone.org) and supported >> by Mindtool, Corporation (www.mindtool.com). > > ---------------------------------------------------------- > You are subscribed to cfcdev. To unsubscribe, send an email > to [EMAIL PROTECTED] with the word 'unsubscribe cfcdev' in the > message of the email. > > CFCDev is run by CFCZone (www.cfczone.org) and supported > by Mindtool, Corporation (www.mindtool.com). > ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [EMAIL PROTECTED] with the word 'unsubscribe cfcdev' in the message of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by Mindtool, Corporation (www.mindtool.com). ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [EMAIL PROTECTED] with the word 'unsubscribe cfcdev' in the message of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by Mindtool, Corporation (www.mindtool.com).
