Blog

Kansas City Designer/Developer Workflow Conference: Success!

Posted by Brad Wood
Jun 21, 2010 06:02:00 UTC
Today wrapped up the two-day Designer/Developer Workflow Conference here in Kansas City. A big thanks to Dee Sadler for putting it all together and to the awesome speakers. It was very interesting to attend sessions that were not just about programming, but about the workflow we all deal with when it comes to working with our designers and prototyping applications. I also really liked the re-occurrence of topics centered around mobile development. I even found out about a local group call the Mobile Media Club that was founded by one of our speakers, Vince Vaughan. (No, not THAT Vince Vaughn) I was able to meeting some cool people I had heard of before but never seen in person (like John Farrar and Andy Matthews) and some brand new faces I didn't even know existed (like Seb Lee-Delisle, Chris Griffith, and Vince Vaughan) I'm hoping Kansas City will see some more quality training like this in the near future and will draw even more people.

JVM Args Don't Like Line Breaks

Posted by Brad Wood
Jan 31, 2010 07:44:00 UTC
A brief hiatus today from from the PCI Compliance series to issue a quick public service announcement. I was installing my free copy of SeeFusion today that I netted in the recent give-away WebApper had. Since the target machine was CF7 on a OpenSuse Linux with the JVM upgraded to 1.4.2_11, it was a "manual" install. Pretty easy-- copy a few jar files and edit a few configs. The problem was, SeeFusion wasn't able to connect to my debugging port to capture stack traces and I couldn't figure out why.

PCI DSS Compliance Part 2 - Weak SSL And Ciphers

Posted by Brad Wood
Jan 30, 2010 07:44:28 UTC
The next stop on our PCI DSS Compliance tour is disabling weak SSL versions and encryption ciphers. If your site is handling credit card payments, it is undoubtedly using HTTPS for at least the pages that collect payment information. I thought I had already taken care of this item, but I was apparently mistaken. Fortunately, this is pretty easy to fix and if you're on Windows I've even cooked up a quick and easy registry file for you to use.

PCI DSS Compliance Part 1 - Predictable Session ID Vulnerability

Posted by Brad Wood
Jan 29, 2010 06:24:00 UTC
As a web developer you have your share of demons you have to face. If your company processes credit cards, chances are your yearly PCI DSS compliance scan is one of those demons. I thought I would do a short series on a few security items I tightened down as a result of our last PCI scan. This is by no means a comprehensive list of everything needed to pass a PCI scan. If you want to know that and have time to read a 74 page PDF you can get a copy of the Spec at www.pcisecuritystandards.org.

ColdFusion's Heartbeat

Posted by Brad Wood
Jan 23, 2010 08:50:00 UTC
I jogged down the stairs, one arm over my head, as I pulled my coat on a sleeve at a time. Fishing the car keys out of my pocket with one hand, I leaned over my computer to tap in my E-mail password with the other. "Wow, 41 unread messages in the CF-Talk folder," I thought. "There must be a hot new topic on the list today." With a click I watched the new thread flow in. "Why i fear ColdFusion is on its last legs" "Oh Geez," I sighed, "Please not with this again!" There wasn't time to read all that right then. I'd have to catch up on this one later in the day when my absorption rate was higher.

Two Tips For Making Sure Your Mail Gets Sent

Posted by Brad Wood
Dec 08, 2009 06:31:00 UTC
A lot of you have web servers that double as mail servers to relay out mail from your ColdFusion applications. Even if you have a separate server that handles your mail relay, this post should still be helpful. The more and more that spam proliferates on the Internet, the more antsy ISPs get about blocking mail. There are a litany of reasons an ISP might reject mail from your server. GoDaddy has been one of the most annoying companies to deal with. There are two things I had to fix on my mail server before they would accept mail from my server. Reverse DNS and Helo host name.

BlogCFC Code Formatting Not Thread Safe (With Example)

Posted by Brad Wood
Dec 04, 2009 00:58:00 UTC
I found an interesting little bug in the BlogCFC implementation of ColdFISH today. ColdFISH is a ColdFusion code formatting component that is instantiated once and cached as a singleton in the application scope in BlogCFC. The problem is, ColdFISH looks like it wasn't intended to be used as a singleton. It makes use of the variables scope to store the Java StringBuffer class it uses to gather up your formatted code as well as a number of other variables used to parse the code it is formatting. This means when two or more people hit a BlogCFC entry with larger code samples, race conditions exists.

Google Wave Invites

Posted by Brad Wood
Nov 30, 2009 08:15:00 UTC
I had 16 Google Wave Invites show up in my Wave inbox today. If you've been wanting to try out Google Wave, the bidding starts at $5.00. OK, just kidding-- shoot me a message and I'll invite you if I have any left. :) 11/30 UPDATE: I'm all out of invites now, but I was able to hit everyone that asked so far. Remember it often takes several days to get the E-mail from Google. Enjoy!

Give Your Opinion, Get SeeFusion For Free

Posted by Brad Wood
Nov 29, 2009 23:43:00 UTC
Our friends at Webapper are giving away free copies of SeeFusion (an awesome ColdFusion server monitoring tool) to the first 100 200 people to take their survey on ColdFusion consulting. Go check out here: http://www.webapper.com/blog/index.php/2009/11/25/coldfusion-survey/ UPDATE: Webapper is now going to give away SeeFusion to the first 200 people to take their survey. Can't beat that!

Google AdSense Servers Tripling My Traffic?

Posted by Brad Wood
Nov 09, 2009 07:15:00 UTC
I threw some AdSense ads on my site the other day. I don't think I'll be getting rich any time soon though. I'm up to 58 cents so I figure I'll be seeing a check from Google in about 8 years. :) Anyway, while troubleshooting an error in my blogCFC I noticed I kept getting each error E-mail three times. Looking at the User Agent showed that "Mediapartners-Google" was hitting every URL I hit twice. Incidentally, I have two Google ads on every page of my site.

Site Updates

Entries Search