Monday, December 01, 2008

Security articles - cf script protection, captcha, cfformprotect

I stumbled across some good CF-related security articles this weekend.

Using htaccess rules to protect against SQL injection
http://www.luismajano.com/blog/index.cfm/2008/8/8/htacces-rules-to-protect-against-SQL-Injection-attacks

The good and the bad about built-in CF script protection
http://www.12robots.com/index.cfm/2008/9/9/Enhancing-ColdFusion-Script-Protection--Security-Series-10
This article also touches on ways to customize the script protection

Do we get much spam form activity? The use of captcha and reasons not to use it
http://techfeed.net/blog/index.cfm/2008/11/29/Reasons-not-to-use-Captcha

The best part is that that they talk about CFFormProtect as an alternative, which sounds very cool:
http://cfformprotect.riaforge.org

No comments: