I often help people who are reporting that CF is “running hot on the CPU”, maybe reaching 80 or even 100% of the CPU, whether in spikes or for extended periods. What might you propose people look at, when you’ve heard that? I’ve heard all kinds of things over the years, often focused on coding, or perhaps jvm tuning.
But as is often the case in a lot of the CF server troubleshooting consulting I do, I find the causes to be far less often what most people seem to suspect. So what would I look for when someone reported high CPU in ColdFusion (or Railo)? Read on.
ColdFusion Lockdown/Security guides: there are several, and some you may have missed
While helping people with various problems in my CF server troubleshooting services, I often have the chance to help people identify security vulnerabilities, especially in their configuration of CF and/or their web server, and sometimes related to their code.
I was wanting to point out to someone the various ColdFusion security resources, and while I have a category on them in my CF411 site, I thought this was a list worth pulling out into its own blog entry and expanding a bit.
You may be surprised to find that there are more to CF security guidelines than just the venerable server “lockdown guide” (for those administering and configuring CF, the OS, and the web server, among other things).
Did you know that there have been “developer security guidelines” as well, focused instead on coding? This latter guide has gone through three iterations, including just recently, as I’ll discuss along with the lockdown guides, below.
New version of cfBrackets, the ColdFusion plugin for Brackets:
0.1.1 / 2014-06-08 / Updated code for change file API of brackets. Added CF11 support, better Railo support and tag support for OpenBD.
cfBrackets adds support for ColdFusion Markup Language (CFML) to Brackets Code Editor. It’s an extension and can be simply installed with the extension manager inside of Brackets.