Re: [OpenBD] Debugging on command

[Alan Holden]

Seems to me that the standard method of restricting debug output by IP would serve your needs, and shouldn't present much of a security issue if used temporarily - over ssl would be better. Adding extra code to account for a specific user (wheresoever located), is more work and introduces more cycles & possibilities for error, but sounds like a neat feature if you wanted to invest the time. Also, there's a whole "Heisenberg" thing to account for too: The process of applying debug output & code to the process will itself add some extra processing time, so your numbers may be changed (perhaps only slightly) just because you wanted to gather them. Note that I have found some instances of OpenBD to be stubborn in recognizing settings changes in this area. I've had to restart the J2EE container on occasion to get new global debug settings to take. I honestly don't know if this was ever a known issue or has been fixed in newer releases (if it was), or if it was just a desktop or AWS glitch, or me. Al On 5/8/2014 5:43 PM, Magnus wrote: I have a production server that is having some performance problems and I'd like to get a better idea of how some of the CFML code is performing in production. I'd like to be able to turn on debugging just for me temporarily. To do this, I though I could use cfsetting and enabledebugoutput that could be toggled only by a user with the right restricted permissions. Seems simple enough. But given the potential security pitfalls of exposed debugging info, I thought I would see if there are any special cautions I should be taking or maybe get a warning that this is a totally crazy idea. :-) Thanks for your input, Magnus -- -- online documentation: http://openbd.org/manual/ http://groups.google.com/group/openbd?hl=en --- You received this message because you are subscribed to the Google Groups "Open BlueDragon" group. To unsubscribe from this group and stop receiving emails from it, send an email to openbd+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- -- online documentation: http://openbd.org/manual/ http://groups.google.com/group/openbd?hl=en --- You received this message because you are subscribed to the Google Groups "Open BlueDragon" group. To unsubscribe from this group and stop receiving emails from it, send an email to openbd+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.