Thanks Ben/Matt! Now I did mention that Flex says it REQUIRES RDS to be enabled in order to use Flex data services.
The only alternative I see is to call the CFCs as webservices instead of as a Flex data service. Calling local webservices would have a tonne of extra overhead.....seems like the wrong way. Sorry for the cross-over to Flex, but I hoped there were some cross-over folks on-list. Cheers On Mon, 2011-02-28 at 14:58 -0500, Ben Forta wrote: > Short answer, how secure RDS is or isn't is really not the issue. What is > more important is that security fundamentals demand that you don't run > anything not completely necessary on production boxes. Your HTTP server is > necessary, remote access services (be it RDS or FTP or ...) are generally > not necessary and therefore should not be running. Now on a development box, > sure, go ahead, but on production boxes, nope, don't. > > --- Ben > > > > -----Original Message----- > From: Bryan Stevenson [mailto:[email protected]] > Sent: Sunday, February 27, 2011 2:07 PM > To: cf-talk > Subject: How secure is RDS > > > let's try that again... ;-) > > Hi All, > > Way back in the day I was told RDS was horribly insecure and I wrote it off > and never looked back. > > Well now I'm into Flex and it uses RDS in order to use CF data services (or > I can use webservices). > > So how safe is having RDS enabled? Any good tutorials on setting it up > right? > > I have done some searching, but there is a lot of noise given the long life > of CF and the huge volume of old articles talking about RDS being insecure > ;-) > > TIA > > Cheers -- Bryan Stevenson B.Comm. VP & Director of E-Commerce Development Electric Edge Systems Group Inc. phone: 250.480.0642 fax: 250.480.1264 cell: 250.920.8830 e-mail: [email protected] web: www.electricedgesystems.com Notice: This message, including any attachments, is confidential and may contain information that is privileged or exempt from disclosure. It is intended only for the person to whom it is addressed unless expressly authorized otherwise by the sender. If you are not an authorized recipient, please notify the sender immediately and permanently destroy all copies of this message and attachments. Please consider the environment before printing this e-mail ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342610 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
