CF Summit 2017 – Part 2

Picking up from Part 1 of my “CF Summit 2017” series, I will dive into some of my conversations with Adobe and more “Application Monitoring Suite” details.

The Adobe Team

Let me start out by saying that I know a number of people, myself included, enjoyed having the ColdFusion engineering team on-site at the conference. I want to thank them for the long trip from India, which appears to be at least a 24-hour trip one-way. I could barely stand the 3-hour cattle flight from Omaha on Southwest. Those seats were great when I was a kid half my current size – but they never seemed to take into account that American adults actually sit in those seats too!

I spent a bit of time speaking with Anit Kumar, the Technical Support Manager, who was very welcoming of what I had to say. A number of people also wanted his attention, so I also spoke a bit to Vamseekkrishna Nanneboina, the Quality Engineering Manager.

CF Summit 2017 – Part 1

My co-worker at CF Webtools, Wil Genovese, and I were fortunate to attend the Adobe ColdFusion 2017 Summit this year.

The primary focus of the event was on “Aether”, the next version of ColdFusion, which will be known as “ColdFusion 2018”. The primary topics surrounding Aether were the API Manager, Containerization (Docker), security by default and a new “Application Performance Monitoring Suite”.

Finding the ColdFusion 11 Serial Number

Looking for the ColdFusion 11 Serial (License) Number on your existing install? Check out the plain-text file:

./cfusion/lib/license.properties

The serial number is on the “sn” line.

Lucee 5 ColdFusion Scheduled Tasks

Lucee 5.0 – 5.2.1.9 (current version) has a bug in scheduled tasks that seems to affect both Windows and Linux servers.

When you schedule tasks, they end up getting marked as “expired” and never run. Not sure how this issue has made it this far into revisions, but as of this post it’s still an issue.

https://luceeserver.atlassian.net/browse/LDEV-897

You can work around this issue using a cron job by way of curl.

On Windows you can use the Windows Task Scheduler and curl. Curl can be downloaded from https://curl.haxx.se/download.html

6/21/2017 – marked for “NextSprint scheduled”

#lucee, #scheduled-tasks

Adobe ColdFusion 11 AWS AMI Converts to Developer Edition

We have a ColdFusion 11 server hosted on Amazon’s Web Service (AWS) Elastic Compute Cloud (EC2). We subscribe to the Adobe ColdFusion 11 license on a monthly basis using the Amazon Machine Image (AMI) Store.

We are still migrating sites to the EC2 instance and it is still in its infancy. What we noticed was that the log files were getting large quite fast with these entries:

License Error.You tried to access the Developer Edition from IP address (0.0.0.0). Already two IP addresses are accessing ColdFusion concurrently. The Developer Edition supports access by any IP address, but only two at a time, apart from the localhost. The additional IP addresses accessing ColdFusion are: 0.0.0.0,0.0.0.0 The specific sequence of files included or processed is: C:\ColdFusion11\Main\wwwroot\CFIDE\administrator\templates\secure_profile_error.cfm”

This meant that only two distinct visitors would be able to view our production sites at any given time. The license is supposed to be an Enterprise-level license, which can support very large traffic. Instead, the license reverted to Developer Edition without warning.

The way I was able to resolve this issue was to send an email to CFsup@adobe.com. I included my AWS Account number. I also ran this issue by the “Adobe” CFML Slack Channel. Here was the timeline (Central Time):

8:12 PM: Posted issue on CFML Adobe Slack channel
8:21 PM: Emailed CFsup@adobe.com
11:15 PM: Anit Kumar responds to Slack from home
12:10 AM: Anit Kumar responds via email with new .jar file
12:38 AM: Server now on Enterprise license correctly

Here were the steps taken to apply the patch:

  1. Navigate to the \ColdFusion11\cfusion\lib and search for “cfusion-req.jar”.
  2. Stop the ColdFusion Service.
  3. Take a backup of this original jar file and delete it. Renaming the jar file will not help.
  4. Rename the enclosed cfusion-req.jar.123 to cfusion-req.jar and save it on the location mentioned in Step 1.
  5. Start the ColdFusion Service.
  6. Check the Edition by clicking on the System Information (“I” icon on right hand side top).

Anit said we could just apply the patch to the cfusion instance; however, we ended up applying it to both that instance and another CF instance while waiting for a response.

When we asked Anit what the issue was, this was his reply:

This was an issue with Amazon side and is very sporadic in nature. We have fixed and merged this in CF2016 AMIs on Amazon.

Copy tools.jar When Upgrading Java for ColdFusion

I happened to read a post on Adobe’s ColdFusion Facebook page that references a blog post, which in turn references a pretty obscure tip. ColdFusion really needs to implement this somehow in CF Admin, such as a configurable directory for this file.

I remember knowing this step, but forgot, because it’s documented in obscure places like in the upgrade notes when ColdFusion releases a patch that officially supports a newer version of ColdFusion.

Anyway, ending my rant, when you upgrade to a new major version of Java (and in my opinion every minor version too) be sure to do the following:

  1. Copy tools.jar from {JDK_Home}/lib to {cf_install_home}/{instance}/lib/
  2. Delete all files from {cf_install_home}/{instance}/stubs/ to get the newly compiled classes.

Only the JDK contains the tools.jar file, not the JRE installation. You don’t have to install the JDK on the machine where ColdFusion is installed. You can have just the JRE on this machine and get tools.jar from any other machine’s JDK installation.

#coldfusion-2, #java, #tools-jar, #upgrade

Deny URL Patterns With FW/1

Seeing that someone was trying to hit wp-login.php (WordPress login) a few times a minute on one of our servers at CF Webtools, we decided to block any PHP requests since this is a ColdFusion server. It wasn’t as easy as I thought. This is a Windows 2008 R2 server running IIS 7.5 and ColdFusion 11.

Sample URL:
http://www.mysite.com/index.cfm/main/mypage/id/68249/id2/wp-login.php

At first I tried using Request Filtering under the “Rules”, “URL” and “Query Strings” tabs. These had no effect.

I then went to URL Rewrite where there was a custom rule to allow index.cfm to be absent from the URL.

<rewrite>
    <rules>
        <clear />
        <rule name="Rewrite FW/1 SES index.cfm">
            <match url="^(?!css|js|fonts)(.*)$" />
            <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
                <add input="{REQUEST_URI}" pattern="^.*\.(bmp|css|gif|htc|html?|ico|jpe?g|js|pdf|png|swf|txt|xml|ttf|woff|eot)([/?].*)?$" negate="true" />
            </conditions>
            <action type="Rewrite" url="/index.cfm/{R:1}" logRewrittenUrl="true" />
        </rule>
    </rules>
</rewrite>

I then tried adding a rule using the default settings of wildcards. While the test responded okay, the actual page kept processing the URL.

Thanks to Wil Genovese, after switching to regular expressions and enclosing those in parentheses, “.php” requests were finally denied.

<rule name="No PHP" stopProcessing="true">
    <match url="(.*)" />
    <conditions>
        <add input="{PATH_INFO}" pattern="(\.php)" />
    </conditions>
    <action type="AbortRequest" />
</rule>
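
An added example, not part of the original post: IIS URL Rewrite uses ECMAScript regex syntax by default, so the patterns above can be replayed in JavaScript against constructed paths before a deny rule goes live. The `classify` helper, the sample paths, the tighter `DENY_ANCHORED` pattern and the assumption that the deny rule is evaluated ahead of the FW/1 rule are all illustrative.

```javascript
// Added example: replay the post's URL Rewrite patterns on constructed paths.
// IIS matches case-insensitively by default, hence the "i" flag.

// Condition from the FW/1 rule: requests for these extensions are NOT rewritten.
const STATIC_EXT =
  /^.*\.(bmp|css|gif|htc|html?|ico|jpe?g|js|pdf|png|swf|txt|xml|ttf|woff|eot)([/?].*)?$/i;

// Deny pattern exactly as posted in the "No PHP" rule.
const DENY_POSTED = /(\.php)/i;
// Assumption: a tighter variant that only matches ".php" ending a path segment.
const DENY_ANCHORED = /\.php(\/|$)/i;

// Hypothetical helper: what happens to a request when the deny rule (if any)
// is evaluated before the FW/1 rewrite rule.
function classify(requestUri, denyPattern) {
  const pathInfo = requestUri.split("?")[0]; // {PATH_INFO} has no query string
  if (denyPattern && denyPattern.test(pathInfo)) return "abort";
  if (STATIC_EXT.test(requestUri)) return "static";
  return "coldfusion"; // not a static file, so FW/1 routes it to index.cfm
}

// Constructed sample requests (the first is the URL shape from the post).
const SAMPLES = [
  "/index.cfm/main/mypage/id/68249/id2/wp-login.php",
  "/index.cfm/main/mypage/id/68249/id2/WP-LOGIN.PHP",
  "/index.cfm/wp-login.php/extra",
  "/main/docs/name/guide.phpnotes", // legitimate SES value containing ".php"
  "/main/search?file=a.php",        // ".php" only in the query string
  "/css/site.css",
];

// One row per sample: outcome with no deny rule, the posted rule, the tighter rule.
function report() {
  return SAMPLES.map((uri) => ({
    uri,
    noRule: classify(uri, null),
    posted: classify(uri, DENY_POSTED),
    anchored: classify(uri, DENY_ANCHORED),
  }));
}

console.table(report());
```

The `posted` and `anchored` columns differ only for the `.phpnotes` path, which is the over-blocking case to weigh before tightening the pattern.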

#iis, #rewrite, #wordpress