Please review the Adobe CF Security bulletins and make sure you're patched. There were some pretty major holes plugged last January.
https://www.adobe.com/support/security/?securityadvisoryproduct=%23coldfusion&Submit=Go#coldfusion On Wed, Nov 6, 2013 at 3:35 PM, Ajas Mohammed <[email protected]> wrote: > In terms of security, for CF 9.0.1, do I need to install anything like > hotfixes & patches? I thought everything was included in the 9.0.1 updates, > is that not the case? > > Can someone point me to link for hotfixes & security patches for CF 9.0.1. > > Thanks, > > > <Ajas Mohammed /> > iUseDropbox(http://db.tt/63Lvone9) > http://ajashadi.blogspot.com > We cannot become what we need to be, remaining what we are. > No matter what, find a way. Because thats what winners do. > You can't improve what you don't measure. > Quality is never an accident; it is always the result of high intention, > sincere effort, intelligent direction and skillful execution; it represents > the wise choice of many alternatives. > > > On Tue, Nov 5, 2013 at 12:42 AM, Charlie Arehart <[email protected]>wrote: > >> You will continue to see it using jrun_iis6_wildcard. That’s not >> incorrect (but potentially confusing, yes). >> >> /charlie >> >> >> >> *From:* [email protected] [mailto:[email protected]] *On Behalf Of *Ajas >> Mohammed >> *Sent:* Tuesday, November 05, 2013 12:01 AM >> >> *To:* [email protected] >> *Subject:* Re: [ACFUG Discuss] wsconfig - CF 9.0.1 Windows 2008 R2 IIS 7 >> >> >> >> Again thanks. I think I am guessing that the correct answer to this is 75 >> because of different application pools. I could be wrong though, like you >> said better to do practical test and figure out what happens. >> >> >> >> One thing I found which is weird "I have jrun_iis6_wildcard instead of >> jrun_iis7_wildcard", this is really surprising to me. We had iis6 >> comparability initially and then removed it and re installed cf 9.0.1 & ran >> connector again for all sites. >> >> >> >> Thanks, >> >> >> <Ajas Mohammed /> >> >> iUseDropbox(http://db.tt/63Lvone9) >> http://ajashadi.blogspot.com >> We cannot become what we need to be, remaining what we are. >> No matter what, find a way. Because thats what winners do. >> You can't improve what you don't measure. >> Quality is never an accident; it is always the result of high intention, >> sincere effort, intelligent direction and skillful execution; it represents >> the wise choice of many alternatives. >> >> >> >> On Mon, Nov 4, 2013 at 11:42 PM, Charlie Arehart <[email protected]> >> wrote: >> >> Thanks for the kind regards. As for your question, that’s something I’ve >> always wondered myself. :-) >> >> In fact, you will see that on the Adobe blog entry about that >> maxworkerthreads bug (from a few years ago) that I had asked this question >> specifically, and I never got an answer. I always wanted to test it, but >> never got around to it. >> >> If you may do some testing determine it, please do let us know. To quote >> “Dances with Wolves”, I’d consider that a “good trade”. :-) >> >> /charlie >> >> >> >> *From:* [email protected] [mailto:[email protected]] *On Behalf Of *Ajas >> Mohammed >> *Sent:* Monday, November 04, 2013 10:53 PM >> *To:* [email protected] >> *Subject:* Re: [ACFUG Discuss] wsconfig - CF 9.0.1 Windows 2008 R2 IIS 7 >> >> >> >> Thank you sir. You are the best!!!!!!!. >> >> >> >> Do you see any issues with these separate folders? Plus what about the >> whole logic about concurrent requests and IIS bug? In this case without the >> fix (maxworkerthreads=25) and default worker process (1) and seperate >> application pools for all sites plus 2nd folder and 3 folder as well, does >> it mean this >> >> >> >> 1. 25 default setting for concurrent req (bug) x for all sites and 25 x >> for 2nd folder and 25 x for 3rd folder = 75 >> >> or >> >> 2. 25 max requests for all sites , 2nd folder site, 3 folder site = 25 >> max requests overall >> >> >> >> Thanks, >> >> >> <Ajas Mohammed /> >> >> >> >> >> >> ------------------------------------------------------------- >> To unsubscribe from this list, manage your profile @ >> http://www.acfug.org?fa=login.edituserform >> >> For more info, see http://www.acfug.org/mailinglists >> Archive @ http://www.mail-archive.com/discussion%40acfug.org/ >> List hosted by FusionLink <http://www.fusionlink.com> >> ------------------------------------------------------------- >> >> >> >> ------------------------------------------------------------- >> To unsubscribe from this list, manage your profile @ >> http://www.acfug.org?fa=login.edituserform >> >> For more info, see http://www.acfug.org/mailinglists >> Archive @ http://www.mail-archive.com/discussion%40acfug.org/ >> List hosted by FusionLink <http://www.fusionlink.com> >> ------------------------------------------------------------- >> > > -- Dawn
