[KCFusion] OT: Infrastructure Help!
We need to buy Cisco 2900/2950 48 port switch TODAY! Let me know ASAP if you can help or where we might find one. Justin Hansen -- Ulgih Communications Web Developer / Programmer -- [EMAIL PROTECTED] 913-498-0123 ext 284 -- __ The KCFusion.org list and website is hosted by Humankind Systems, Inc. List Archives http://www.mail-archive.com/cf-list@kcfusion.org Questions, Comments or Glowing Praise.. mailto:[EMAIL PROTECTED] To Subscribe mailto:[EMAIL PROTECTED] To Unsubscribe mailto:[EMAIL PROTECTED]
[KCFusion] Secure file download
I'm trying to choose between CFFILE and CFCONTENT for secure file download. Some have said CFCONTENT is too slow. That's a possible issue for me, since some of my files are up to 10MB. But I'm on a low-traffic intranet with a maximum of 400 visitors. People in various departments can upload files and make them available to other employees via hyperlinks. So a person can go to the main Marketing page, and click on a link that downloads a Word file stored /marketing/docs/. Unfortunately, anyone with a full address can defeat my intranet security that only kicks in for CF templates (via application.cfm and cookies). I'd like to move all these downloadable files to the D drive on that same server, then let CF make them available via the same hyperlinks, except only for logged-on people. The pros and cons of this were mentioned in email traffic from another CF list, which I have attached below. Any comments here? We're running CF5 on NT4 SP6a with IIS. Keith Purtell, Web/Network Administrator VantageMed Operations (Kansas City) Email: [EMAIL PROTECTED] CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. = -Original Message- From: Matt Liotta [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 13, 2000 12:23 PM Generally this is the best way to do it with one exception. Never use CFContent with large files. This will destroy your response time. Web servers were designed to deal with serving files and should be used in place of CF whenever possible. The only problem of course is security. If you make the directory web accessible then you have no security. However, you can't really secure the directory well with a web server since it has no concept of your application security. Below I describe how we solved this issue. Whenever we need to serve a file we create a symbolic link to the file in question. This symbolic link is placed in a web accessible directory and its file name is a UUID. This allows us to serve a file that would otherwise not be web accessible, by simply linking to its symbolic link. The likelihood of someone guessing a UUID is very low because it is based on a 128 bit integer. Further we have a process that deletes symbolic links after they have been around for more then five minutes. Thus even if the UUID was guessed it would only be accessible for five minutes. Hope this helps. -Matt -Original Message- From: Jon Cole [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 13, 2000 7:15 AM I agree with Nathan this would be the best approach. The problem is that you can't control what the file name would be. You can fix this with CFHEADER Like so: CFHEADER NAME=Content-Disposition VALUE=inline; filename=#ExportFile# Thank You, Jon Cole ACP DevTech Inc. [EMAIL PROTECTED] 206.956.0888 Learn more about DevTech @ www.Dev-Tech.com -Original Message- From: Nathan Dintenfass [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 12, 2000 6:34 PM One way I have dealt with something like this is to keep the files outside the web root, so they are not accessible over the web at all. Then, use CFCONTENT to deliver the files -- that way your CF security you already have running can secure access to the files (assuming the server itself is secure, of course). You may want to store a separate DB of file information such as MIME type, etc., but it's not necessary. __ The KCFusion.org list and website is hosted by Humankind Systems, Inc. List Archives http://www.mail-archive.com/cf-list@kcfusion.org Questions, Comments or Glowing Praise.. mailto:[EMAIL PROTECTED] To Subscribe mailto:[EMAIL PROTECTED] To Unsubscribe mailto:[EMAIL PROTECTED]
RE: [KCFusion] Secure file download
I have seen some sites that show you a list of files that you can download. Each link has something unique appended to it to differentiate the actual file. When you click on the link, instead of actually letting you download, it passes you off to a 2nd page. It's the second page that has the security setup. To get to the second page you must have the correct security settings and once you are on the page, only the file you requested is linked to. Theoretically, someone who receives the url of the actual file could still download it, but in general, you would only see a single file link in your browser since the larger list only references the secure page. This allows you to use straight html links for your files without having to use cffile or cfcontent. Of course, I haven't tried this. Make sure you put your entire source code out there first to test out the ability for outsiders to steal your products before going live with something valuable :-) Ryan __ The KCFusion.org list and website is hosted by Humankind Systems, Inc. List Archives http://www.mail-archive.com/cf-list@kcfusion.org Questions, Comments or Glowing Praise.. mailto:[EMAIL PROTECTED] To Subscribe mailto:[EMAIL PROTECTED] To Unsubscribe mailto:[EMAIL PROTECTED]
Re: [KCFusion] Secure file download
Why would CFCONTENT be slow? How would CFFILE replace CFCONTENT? You may want to take a moment and re-examine your assumptions... --Daryl - Original Message - From: Keith Purtell [EMAIL PROTECTED] To: KCFusion (E-mail) [EMAIL PROTECTED] Sent: Monday, February 04, 2002 3:41 PM Subject: [KCFusion] Secure file download I'm trying to choose between CFFILE and CFCONTENT for secure file download. Some have said CFCONTENT is too slow. That's a possible issue for me, since some of my files are up to 10MB. But I'm on a low-traffic intranet with a maximum of 400 visitors. People in various departments can upload files and make them available to other employees via hyperlinks. So a person can go to the main Marketing page, and click on a link that downloads a Word file stored /marketing/docs/. Unfortunately, anyone with a full address can defeat my intranet security that only kicks in for CF templates (via application.cfm and cookies). I'd like to move all these downloadable files to the D drive on that same server, then let CF make them available via the same hyperlinks, except only for logged-on people. The pros and cons of this were mentioned in email traffic from another CF list, which I have attached below. Any comments here? We're running CF5 on NT4 SP6a with IIS. Keith Purtell, Web/Network Administrator VantageMed Operations (Kansas City) Email: [EMAIL PROTECTED] CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. = -Original Message- From: Matt Liotta [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 13, 2000 12:23 PM Generally this is the best way to do it with one exception. Never use CFContent with large files. This will destroy your response time. Web servers were designed to deal with serving files and should be used in place of CF whenever possible. The only problem of course is security. If you make the directory web accessible then you have no security. However, you can't really secure the directory well with a web server since it has no concept of your application security. Below I describe how we solved this issue. Whenever we need to serve a file we create a symbolic link to the file in question. This symbolic link is placed in a web accessible directory and its file name is a UUID. This allows us to serve a file that would otherwise not be web accessible, by simply linking to its symbolic link. The likelihood of someone guessing a UUID is very low because it is based on a 128 bit integer. Further we have a process that deletes symbolic links after they have been around for more then five minutes. Thus even if the UUID was guessed it would only be accessible for five minutes. Hope this helps. -Matt -Original Message- From: Jon Cole [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 13, 2000 7:15 AM I agree with Nathan this would be the best approach. The problem is that you can't control what the file name would be. You can fix this with CFHEADER Like so: CFHEADER NAME=Content-Disposition VALUE=inline; filename=#ExportFile# Thank You, Jon Cole ACP DevTech Inc. [EMAIL PROTECTED] 206.956.0888 Learn more about DevTech @ www.Dev-Tech.com -Original Message- From: Nathan Dintenfass [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 12, 2000 6:34 PM One way I have dealt with something like this is to keep the files outside the web root, so they are not accessible over the web at all. Then, use CFCONTENT to deliver the files -- that way your CF security you already have running can secure access to the files (assuming the server itself is secure, of course). You may want to store a separate DB of file information such as MIME type, etc., but it's not necessary. __ The KCFusion.org list and website is hosted by Humankind Systems, Inc. List Archives http://www.mail-archive.com/cf-list@kcfusion.org Questions, Comments or Glowing Praise.. mailto:[EMAIL PROTECTED] To Subscribe mailto:[EMAIL PROTECTED] To Unsubscribe mailto:[EMAIL PROTECTED] __ The KCFusion.org list and website is hosted by Humankind Systems, Inc. List Archives http://www.mail-archive.com/cf-list@kcfusion.org Questions, Comments or Glowing Praise.. mailto:[EMAIL PROTECTED] To Subscribe mailto:[EMAIL PROTECTED] To Unsubscribe mailto:[EMAIL PROTECTED]
[KCFusion] CFHTTP
Is anyone on the list using CFHTTP extensively? I'm going to be doing some QA work on that tag for Neo, and I want to hear about anyone's negative experiences with CFHTTP. Please contact me off-list, so we don't clutter everyone's inbox. --Daryl __ The KCFusion.org list and website is hosted by Humankind Systems, Inc. List Archives http://www.mail-archive.com/cf-list@kcfusion.org Questions, Comments or Glowing Praise.. mailto:[EMAIL PROTECTED] To Subscribe mailto:[EMAIL PROTECTED] To Unsubscribe mailto:[EMAIL PROTECTED]
[KCFusion] reinstall
RDS has suddenly decided to stop working. When ever I try to log in I get a remote server error message. I'm inclined to just reinstall the server to try to fix the problem. Anybody care to advise against this course of action (i.e. anybody got a better idea)? Adaryl __ The KCFusion.org list and website is hosted by Humankind Systems, Inc. List Archives http://www.mail-archive.com/cf-list@kcfusion.org Questions, Comments or Glowing Praise.. mailto:[EMAIL PROTECTED] To Subscribe mailto:[EMAIL PROTECTED] To Unsubscribe mailto:[EMAIL PROTECTED]
Re: [KCFusion] reinstall
I would check the user that RDS and/or the username that your using to be sure its not locked out. What is the error message ? - Original Message - From: Adaryl Wakefield [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, February 04, 2002 7:18 PM Subject: [KCFusion] reinstall RDS has suddenly decided to stop working. When ever I try to log in I get a remote server error message. I'm inclined to just reinstall the server to try to fix the problem. Anybody care to advise against this course of action (i.e. anybody got a better idea)? Adaryl __ The KCFusion.org list and website is hosted by Humankind Systems, Inc. List Archives http://www.mail-archive.com/cf-list@kcfusion.org Questions, Comments or Glowing Praise.. mailto:[EMAIL PROTECTED] To Subscribe mailto:[EMAIL PROTECTED] To Unsubscribe mailto:[EMAIL PROTECTED] __ The KCFusion.org list and website is hosted by Humankind Systems, Inc. List Archives http://www.mail-archive.com/cf-list@kcfusion.org Questions, Comments or Glowing Praise.. mailto:[EMAIL PROTECTED] To Subscribe mailto:[EMAIL PROTECTED] To Unsubscribe mailto:[EMAIL PROTECTED]