I stumbled across some good CF-related security articles this weekend.
Using htaccess rules to protect against SQL injection
http://www.luismajano.com/blog/index.cfm/2008/8/8/htacces-rules-to-protect-against-SQL-Injection-attacks
The good and the bad about built-in CF script protection
http://www.12robots.com/index.cfm/2008/9/9/Enhancing-ColdFusion-Script-Protection--Security-Series-10
This article also touches on ways to customize the script protection
Do we get much spam form activity? The use of captcha and reasons not to use it
http://techfeed.net/blog/index.cfm/2008/11/29/Reasons-not-to-use-Captcha
The best part is that that they talk about CFFormProtect as an alternative, which sounds very cool:
http://cfformprotect.riaforge.org
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment