Archive for the ‘ColdFusion Servers’ Category

Lucee 5.0 – 5.2.1.9 (current version) has a bug in scheduled tasks that seems to affect both Windows and Linux servers.

When scheduling a task, they end up getting marked as “expired” and never run. Not sure how this issue has made it this far into revisions, but as of this post it’s still an issue.

https://luceeserver.atlassian.net/browse/LDEV-897

You can work around this issue using a cron job by way of curl.

On Windows you can use the Windows Task Scheduler and curl. Curl can be downloaded from https://curl.haxx.se/download.html

6/21/2017 – marked for “NextSprint scheduled”

We have a ColdFusion 11 server hosted on Amazon’s Web Service (AWS) Elastic Compute Cloud (EC2). We subscribe to the Adobe ColdFusion 11 license on a monthly basis using the Amazon Machine Image (AMI) Store.

We are still migrating sites to the EC2 instance and it is still in its infancy. What we noticed was that the log files were getting large quite fast with these entries:

License Error.You tried to access the Developer Edition from IP address (0.0.0.0). Already two IP addresses are accessing ColdFusion concurrently. The Developer Edition supports access by any IP address, but only two at a time, apart from the localhost. The additional IP addresses accessing ColdFusion are: 0.0.0.0,0.0.0.0 The specific sequence of files included or processed is: C:\ColdFusion11\Main\wwwroot\CFIDE\administrator\templates\secure_profile_error.cfm”

This meant that only two distinct visitors would be able to view our production sites at any given time. The license is supposed to be a Enterprise level license which can support very large traffic. But instead the license reverted to developer edition without warning.

The way I was able to resolve this issue was to send an email to CFsup@adobe.com. I included my AWS Account number. I also ran this issue by the “Adobe” CFML Slack Channel. Here was the timeline (Central Time):

8:12 PM: Posted issue on CFML Adobe Slack channel
8:21 PM: Emailed CFsup@adobe.com
11:15 PM: Anit Kumar responds to Slack from home
12:10 AM: Anit Kumar responds via email with new .jar file
12:38 AM: Server now on Enterprise license correctly

Here were the steps taken to apply patch:

  1. Navigate to the \ColdFusion11\cfusion\lib and search for “cfusion-req.jar”.
  2. Stop the ColdFusion Service.
  3. Take a backup of this original jar file and delete it. Renaming the jar file, will not help.
  4. Rename the enclosed cfusion-req.jar.123 to cfusion-req.jar and save it on the location mentioned in Step 1.
  5. Start the ColdFusion Service.
  6. Check the Edition by clicking on the System Information (“I” icon on right hand side top).

Anit said we could just apply the patch to the cfusion instance, however we ended up applying it to it and another CF instance while waiting for a response.

When we asked Anit what the issue was, this was his reply:

This was an issue with Amazon side and is very sporadic in nature. We have fixed and merged this in CF2016 AMIs on Amazon.

javalogo-81x162I happened to read a post on Adobe’s ColdFusion Facebook page, that references a blog post, that references a pretty obscure tip. ColdFusion really needs to implement this somehow in CF Admin like a configurable directory for this file.

I remember knowing this step, but forgot, because it’s documented in obscure places like in the upgrade notes when ColdFusion releases a patch that officially supports a newer version of ColdFusion.

Anyway, ending my rant, when you upgrade to a new major version of Java (and in my opinion every minor version too) be sure to do the following:

  1. Copy tools.jar from {JDK_Home}/lib to {cf_install_home}/{instance}/lib/
  2. Delete all files from {cf_install_home}/{instance}/stubs/ to get the newly compiled classes.

Only JDK contains the tools.jar file not the jre installation. You don’t have to install JDK on the machine where ColdFusion is installed. You can just have jre on this machine and get tools.jar from any other machine’s JDK installation.

Seeing that someone was trying to hit wp-login.php (WordPress login) a few times a minute on one of our servers at CF Webtools we decided to block any PHP requests since this is a ColdFusion server. It wasn’t as easy as I thought. This is a Windows 2008 R2 server running IIS 7.5 and ColdFusion 11.

Sample URL:
http://www.mysite.com/index.cfm/main/mypage/id/68249/id2/wp-login.php

At first I tried using Request Filtering under the “Rules”, “URL” and “Query Strings” tabs. These had no effect.

I then went to URL Rewrite where there was a custom rule to allow index.cfm to be absent from the URL.

<rewrite>
    <rules>
        <clear />
        <rule name="Rewrite FW/1 SES index.cfm">
            <match url="^(?!css|js|fonts)(.*)$" />
            <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
                <add input="{REQUEST_URI}" pattern="^.*\.(bmp|css|gif|htc|html?|ico|jpe?g|js|pdf|png|swf|txt|xml|ttf|woff|eot)([/?].*)?$" negate="true" />
            </conditions>
            <action type="Rewrite" url="/index.cfm/{R:1}" logRewrittenUrl="true" />
        </rule>
    </rules>
</rewrite>

I then tried adding a rule using the default settings of wildcards. While the test responded okay, the actual page kept processing the URL.

Thanks to Wil Genovese, after switching the regular expressions and enclosing those in parenthesis, “.php” requests were finally denied.

<rule name="No PHP" stopProcessing="true">
    <match url="(.*)" />
    <conditions>
        <add input="{PATH_INFO}" pattern="(\.php)" />
    </conditions>
    <action type="AbortRequest" />
</rule>

2015-05-26_1538

Update 1/20/2015: Fix is available in the refreshed Full installers. More information on this is available here at:
http://blogs.coldfusion.com/post.cfm/coldfusion-11-installers-refreshed-has-fix-for-server-fails-to-start-on-enabling-j2ee-session-variables-and-installation-on-japanese-os

After some wicked process of elimination at CF Webtools I found out that I was unable to start/restart ColdFusion 11 after enabling J2EE Session Variables in the ColdFusion Administrator.

I went through almost all types of installs thinking it was an issue with the Amazon EC2 server it was on. Thinking this because we have CF11 servers running with J2EE enabled already.

The difference, and the the issue it turns out, is the updated installer that includes update 3 for Windows x64. The original installer doesn’t seem to have this issue.

The underlying issue is whether or not Tomcat persistent sessions were turned on or off. This apparently keeps a session alive during a restart. ColdFusion apparently doesn’t like this if it’s on.

To turn off Tomcat persistent sessions (this seems a little backwards though):

  1. Open {cf instance}/runtime/conf/context.xml
  2. Uncomment <Manager pathname=”” />
  3. Save file and close
  4. Start ColdFusion

This seems to have been an issue on ColdFusion 10 that somehow made its way back to 11.

Thanks to Derrick Anderson with BigTeams for finding this old issue at we3geeks.

I have opened bug ticket 3923565 with Adobe.

SES_Screen_ShotAfter a bit of research, I was never able to find a definitive answer as how to properly set up SES (Search Engine Safe URL’s) to work with FW/1 (Framework 1) using IIS 7.5 and IIS URL Rewrite 2.0.

SES makes turns your URL’s from this:

http://www.mysite.com/index.cfm?action=main.default&ID=0

Into this:

http://www.mysite.com/main/default/ID/0

First of all you may need to install URL Rewrite 2.0 using Microsoft Web Platform Installer. There are other options out there, but I’m using this since it’s simple and nicely integrated.

From the URL Rewrite options screen, add a new rule and select “User-friendly URL” under the “Inbound and Outbound Rules”.

The requested URL should match the pattern using regular expressions. The pattern being:

^(.*)$

Add the conditions that the type is not a file or a directory.

The action type is rewrite and the rewrite URL is:

/index.cfm/{R:1}

Be sure to check “Append query string” and “Stop processing of subsequent rules”

(more…)

I have a new project that requires Blue Dragon 9.0 Alpha (.NET). I never used Blue Dragon before and it ended up taking me a few days to get up and running.

First of all there is no documentation and there is practically no discussion around it. So I’m writing this in hopes it helps someone out.

The files I’m using are located at ftp://ftp.newatlanta.com/public/bluedragon/9_0/ .

 

The first step is to install IIS and ASP.NET. You may need to have .NET Framework 3.5 turned on as well.

Windows_Features

 

The second step is to make sure you have .NET Framework v4.0 installed.

 

The third step is to make sure you have an IIS site setup and using the .NET Framework v4.0 in the Application pools.

Application_Pools

 

The fourth step is to run BlueDragon_NET_90_alpha.exe in administrator mode.

At that point in time you’ll find an error message when you run the site:

Example: “Access to the path ‘C:\inetpub\wwwroot\BD Test\App_Data\bluedragon\config’ is denied.”

You will need to create a directory structure underneath your website directory:

App_Data
-bluedragon
–config
—bluedragon.xml
–work
—cfchart
—cfcollection
—cfdocument
—cflog
—cfschedule
—temp

The bluedragon.xml file is the following:

<?xml version="1.0" encoding="UTF-8"?>
<server>
</server>

 

After you create the directories and file, you will then get the following error:

Object reference not set to an instance of an object.
ConfigurationErrorsException: Could not create NewAtlanta.BlueDragon.Diagnostics.LogTraceListener, NewAtlanta.BlueDragon, Version=9.0.0.0, Culture=neutral, PublicKeyToken=7551335de9fc3c36.

To fix this, you will need to add the app pool’s user and grant is modify or full permissions.

When you add the user, use your machine’s location  (as opposed to the domain), then enter the object name “IIS AppPool\[app pool name]”. For example “IIS AppPool\BD Test”. Then click “Check Names”. This will resolve the name to the app pool name.

App_Pool_User

 

 

This should get you up and running with BlueDragon.NET 9.0 Alpha.

There are currently two patch files in the FTP site. If you run them, you may end up with an error “Could not load type ‘System.ServiceModel.Activation.HttpModule'”. To correct this run this to re-register ASP.NET:

c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe -iru