Thanks for the update, Bettina. And while I realize you are opting to go with the other route, you may want to at least understand what was amiss here, as it could come back to bite you in other ways (perhaps other templates, or other related problems.)
So as for the failing bat file, did you see something in the output of CFEXECUTE (you can configure it to save the output), which may have helped you. And you mention my article on “reducing security risks”. Well, to be clear, that’s from early 2013 and was related to a hack of Dec 2012, where the solution was mostly in CF updates (all included already in CF11) as well as some extra lockdowns you could do, like IIS Request Filtering or Apache Deny directives, as discussed in the CF 11 (and 10 and 9) lockdown guides. All that said, I wonder if a DIFFERENT problem may be at root here. If you HAVE been focused on security (since you DID turn on the “secure profile”, and as you mention my article), if you HAVE followed something in the lockdown guide, you may have changed the user that CF runs as (from “system” to a more limited permission user). If so, one of the problems there is that you have to change ALL directories that your CF code runs in (or touches) to give THAT user permission. Do maybe that is why the CFXECUTE bat file is failing. Again, viewing the output from CFEXECUTE may be the best thing to look at to really help you nail this down. But these are some guesses from afar, as it’s all stuff I see every week helping people with CF server troubleshooting, whether in my consulting services or on lists and forums like here. :-) /charlie From: [email protected] [mailto:[email protected]] On Behalf Of Bettina M. Scurlock Sent: Monday, February 02, 2015 11:39 AM To: [email protected] Subject: Re: [ACFUG Discuss] Running CFExecute in ColdFusion 11 Charlie & John, Thank you for the suggestions. This is the first time I have encountered CFExecute and had not encountered this issue before. Charlie, to answer your questions, the secure profile has been turned on and we have the most recent version of the installer, update 3). The error we were receiving wasn't from CFExecute, but rather the BAT file was failing when it was executed, which lead me to believe that it was issues with security permissions. We have decided to go with John's option of executing the bat files through a database cron job for security reasons. Charlie, I re-read your article on on reducing security risks on ColdFusion servers <http://www.carehart.org/blog/client/index.cfm/2013/1/2/Part2_serious_security_threat> and was able to share it with my management team. Thanks guys! Cheers, Bettina
