Then join us for this free webinar with Intergral’s David Stockton and learn how to keep your ColdFusion servers alive and performing to their full potential. And when your server is crashing or running slow find out how to figure out what is going on and solve the problems fast so that your apps can be running reliably.
If your server is slow or sick this is for you! We will look at how to diagnose problems and some common ways to heal a sick ColdFusion server. We will also discuss what tools you can use to prevent problems from occurring.
|This webinar is with David Stockton, technical consultant from the FusionReactor professional JVM and ColdFusion server monitor team. David has been using ColdFusion for more than 10 years and has spoken on server tuning and load testing many times.
He will demonstrate how to:
We will also look at the FusionAnalytics ColdFusion Application and server analysis tool.
We will raffle off one copy of FusionReactor – you must register to enter this raffle.
The webinar on “Preventing and diagnosing ColdFusion server crashes and slow downs” is on Thursday, November 29, 2012 3:00 PM – 4:00 PM EST. The webinar will cover fixing slow servers, performance bottlenecks location and diagnosis tips. It will be approximately 45 minutes including time for Q and A. The webinar is free. You can register athttps://www1.gotomeeting.com/register/242091952 See you there!
David started his career developing desktop applications using Visual Basic. After a period of working on interface design and prototyping for digital television set-top boxes, he made the move to web applications and working with ColdFusion in a variety of fields, from e-commerce to social networking.
In 2006 David joined the team at Intergral Information Solutions, makers of FusionReactor, FusionDebug and FusionAnalytics. David holds a senior consulting position for the Intergral UK team. David graduated from Staffordshire University with a Bachelor of Engineering degree (with honours) in Software Engineering.
The webinar will be hosted by Michael Smith, from TeraTech Inc. Click http://www.teratech.com/blog/index.cfm/2012/11/14/Preventing-and-diagnosing-ColdFusion-server-crashes-and-slow-downs-Thursday-112912-3pm-EST for further details.
Required: Windows® 7, Vista, XP or 2003 Server
Required: Mac OS® X 10.5 or newer
Required: iPhone®, iPad®, Android™ phone or Android tablet
I just posted a new technote over at http://www.fusion-reactor.com/support/kb/FRS-246.cfm
Hopefully you’ll all find this a good starting point on how to keep your server monitoring solution secure.
Hopefully we’re all back from a quiet festive break where your phones didn’t ring and you weren’t bothered by server outages at 2am on Christmas morning.
If that wasn’t you and your pager/cell was lit up brighter than the Christmas tree then perhaps you should already be speaking to us! We offer a professional consulting service using Adobe certified engineers with a minimum of 10 years experience. Our engineers are highly skilled and our experience in a wide range scenarios allow us to quickly and accurately diagnose the root cause of server issues. We can handle issues including networking, database, web-server, application server and code-level plus a lot more. So if you’re in need of help then get in touch now – https://www.cfconsultant.com/contact/
If you’re sitting feeling smug right now then that’s great news! Equally, you want to be the happy one next holiday break so why not take a server review service from us. Our server reviews typically cover a range of areas including CF configuration, JVM configuration, OS optimizations and page performance including JDBC breakdown.
Your issues will be classified by and marked by severity allowing simple prioritization. We can additionally include plans to resolve any problems found including time-estimates. This service is typically provided remotely and duration/cost will depend on the complexity of your platform. Get in contact with us now to secure a quote – and your servers future!
A big hello from CFUnited!
Myself (David Stockton) and my colleagues (Darren Pywell & David Tattersall) are all at CFUnited this week. We have a FREE copy of FusionAnalytics to give away so don’t be shy – come and speak to us for a chance to win!!
Plus, ask nicely and we’ve got FREE goodies for everyone we speak to!
We’re in the vendor area between Adobe & Railo – look for the ShareDox, FusionReactor, FusionAnalytics & Intergral banners… plus this good looking guy:
See you there!
ColdFusion 9.0.1 has been released for about a week now. I’m sure everyone has done due diligence in their test environments, run a full test-suite and deployed to production right?
Well it’s not always that simple is it? So if you want some professional help from the experts then call the experts – we’re ready & waiting to help.
The PCI-DSS standards are designed to help protect card-holder data. The specific section we’re interested in is section 4.1 of the v1.2 revision of the standards which are available for download here: https://www.pcisecuritystandards.org/security_standards/pci_dss_download_agreement.html
The standards layout that you should use strong cryptography and security protocols when transmitting card data over open, public networks (ie the Internet).
If you want to secure any data sent over HTTPS you need to make sure the protocols and ciphers used are secure. In practice, this means disabling SSLv2 and weak ciphers. This has to be done at the SSL endpoint – so if you’re using a load balancer, firewall or similar to terminate your SSL connections you’ll need to make the changes there.
We can offer advice and resell SSL terminating end-points. We also work with open-source SSl terminating solutions such as Pound ( http://www.apsis.ch/pound/ ).
Use the SSLScan tool – http://sourceforge.net/projects/sslscan/
Use OpenSSL from the command line:
# openssl s_client -ssl2 -connect www.HOSTNAME.com:443
# openssl s_client -connect www.HOSTNAME.com:443 -cipher LOW:EXP
SSLProtocol -ALL +SSLv3 +TLSv1
(Unfortunately you have to edit the registry…)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Server] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\DES 56/56] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\NULL] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 40/128] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 56/128] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 64/128] "Enabled"=dword:0000000
You may also be interested to know that active CF community member Pete Freitag has created a commercial tool to help you make these changes in IIS – http://foundeo.com/products/iis-weak-ssl-ciphers/
Of course not everyone’s environment is straight-forward and often you’ll hit issues or knock-on effects – so get the experts in… we’re waiting!
A common consulting engagement for us is configuring a new system for optimal use. It’s not just the application server that’ll need configuring, don’t forget the application server relies on a lot of underlying infrastructure including the network and OS. Often this stage gets over-looked or you’ll (often incorrectly) assume your hosting provider will have performed these steps already.
Every application is different, there’s no golden rules but there are some simple steps you can take to improve performance, security & stability. For a typical web & application server machine let’s look at an example Linux setup. Here’s just the tip of the iceberg…
Making good progress? What about the network, firewall, loadbalancer, web server, JVM, application server, application code…. the list goes on – save yourself the headache, call the experts!