ColdFusion Security Training Next Week Dec 9-10
— New AI security topics have been added to Pete's ColdFusion Security Training Class.
Latest Blog Entries
Understanding Claude Code Permissions and Security Settings
— Going in the deep end exploring how claude code permissions work and what security protections are available.
ColdFusion Security Training Class December 2025
— Pete is teaching an online ColdFusion developer security training class.
ColdFusion Summit 2025 - 30 Years of ColdFusion
— Celebrating 30 years of ColdFusion at the 2025 ColdFusion Summit in Las Vegas
Generate 6 Digit Security Codes in Java or CFML
— Shows how to use java SecureRandom to generate a six digit security code.
ColdFusion Developer Week 2025 Slides and Video
— Slides and video links for my presentation at ColdFusion Developer Week 2025
Potential gotcha with searchImplicitScopes and cfparam
— Be careful when using cfparam to deal with searchImplicitScopes.
Simple Load Testing with curl
— How to use curl for a simple HTTP load test.
Fixinator 6.1.0 - Detecting Undefined Remote Arguments
— The release of Fixinator 6.1.0 and its features.
The CWE 25 and ColdFusion - CFSummit East 2025 Slides
— Slides for my talk at the 2025 Adobe ColdFusion Summit East Conference in Washington DC
Understanding and Checking for Tomcat CVE-2025-24813
— Writes are disabled by default in Tomcat's DefaultServlet, here's how to check your server.
Java 21: Could not find agent library instrument on the library path
— Debugging the error: Could not find agent library instrument on the library path
Fixinator Version 6 Released
— Version 6 of Fixinator a CFML code scanning tool has been released.
ColdFusion 2025 Breaking Changes Explained
— List of breaking changes in CF2025 and how to use Fixinator to spot them.
Fixinator's New Compatibility Scanner
— Fixinator's New Compatibility Scanner: Upgrade to the latest ColdFusion version with confidence. Identify compatibility issues, deprecated features, and removed tags/functions.
ColdFusion Summit 2024 Slides: 20 ways to secure CF
— My slides and an outline of my CF Summit 2024 talk in Las Vegas
Latest ColdFusion Security Updates - December 2025
— A list of the latest ColdFusion Security Updates
Left and Right Accept Negative Counts
— You can pass a negative value into CFML left or right functions.
Fixinator fixes unscoped variables
— Fixinator now finds and fixes unscoped variables relating to searchImplicitScopes
ColdFusion searchImplicitScopes and APSB24-14
— Learn about the searchImplicitScopes change in APSB24-14.
Popular Entries
Here are some entries that have been popular over the years:
- Finding Duplicates with SQL
- Howto Create an RSS 2.0 Feed
- The 15 Most Useful Linux commands
- Parsing, Modifying, and outputting XML Documents with Java
- SELECT a random row with SQL
- What is the difference between ASCII Chr(10) and Chr(13)
- SQL Pagination with LIMIT and OFFSET
- 20 ways to Secure Apache Configuration
- How I cut AWS Lambda Java Cold Start Times in Half
- Returning TOP N Records
- Mastering ColdFusion's CFQUERYPARAM
- Java LTS Versions Explained with EOL Dates
- How to read a ColdFusion Stacktrace
- The newline cat mystery
You can find the full entry archive here.