[Looking for Charlie's main web site?]

Why you should think twice about leaving on the "public JRE" option of the Java JDK installer

This is a follow-up to a post I did in late 2014, CF911: 'Help! I've updated the JVM which ColdFusion uses, and now it won't start!'. In that post, I listed about a dozen common problems that befall people who try to update the JVM that CF is using (and it and this post apply as well to Lucee or BlueDragon, or indeed any Java application server).

In this post, I want to elaborate on one more common mistake. Well, mistake may be too strong word. It's about a default option when you run a Java JDK installer (see the other post for more on JDK vs JRE options).

In short, I make the case here for why you should NOT let the JDK installer implement its "public jre" option.

[....Continue Reading....]

Stuck running the ColdFusion 'Migration wizard'? Here's how to get past that

CF Admin migration wizard screenSomeone presented a problem on a discussion list where they found that upon installing CF, they got to the "migration wizard" screen, and though it offered the option to "continue" if it hung up, it did not continue for him.

In this post, I'll share how to get past that prompt, if this happens to you. (And despite that image on the right showing ColdFusion 11, this could conceivably happen in CF10, CF9, and so on, and this same solution applies to all.)

For the anxious folks who want to "skip the waffle" and context/setup, the solution is at the very bottom. :-)

[....Continue Reading....]

FusionReactor updated today: some general info related to getting/applying FR updates

How to update FusionReactorFusionReactor users will want to know that there was a new update released today, 5.2.6. The update is free for those on 5.2.x releases as well as those with maintenance agreements. And you can just download the installer and run it to update your current version (even back to FR 5.0, if you've not updated FR 5 since you first installed it).

But more than that basic info, I'd like in this post to take advantage of the chance to share a few things related to the topic of upgrading FusionReactor, including some common questions I often am asked as I assist people in using it:

  • Where do I get the update?
  • How do I find out what's new in the update?
  • Should I hesitate about applying the very latest FR update as soon as it comes out?
  • How would you I know there WAS an update to FR available?
  • Do I just need to run the full installer or can I update just one file perhaps?
  • Do I need to restart CF (or Railo/Lucee/Tomcat, etc.) for the update to take effect?
  • Can I update FRAM and choose NOT to update my monitored CF/Railo/Lucee/Tomcat/etc instance?
  • Why do you keep referring to "CF/Railo/Lucee/Tomcat/etc"? I thought FR was a CF monitor tool?
  • What if I'm on an FR version older than 5.0?

For these and more, read on.

[....Continue Reading....]

Solving slow CF startup: my elaborating on an Adobe blog entry on a possible solution

The fine folks at the Adobe CF blog posted a blog entry today, on "Sometimes ColdFusion services refuse to start normally post server restart" (by Rahul Upadhyay), which offers some helpful information on one possible solution to the stated problem of slow CF startup.

That said, there are some concerns I have, with respect to how I fear some may read and take action based on it (especially the notion of deleting the cfclasses files, as a possible solution to the problem).

I'm not contradicting Rahul here, just elaborating on some points, as someone who (like some on the CF team) helps people with CF server troubleshooting every day.

I started to write these thoughts as a comment there, and (as often happens) it grew long so I thought it better to be a blog entry rather than a long comment, and point people here. Once I did that I decided to go further still, hoping to really help those interested to consider the issue more carefully. (It also gives me a chance to highlight again the Adobe CF team blog, something I recommend EVERYONE reading this should follow!)

One quick point (and update) for the TL;DR cloud: My recommendation is that you move the cfclasses folder out of that location, as a temporary test, to see if it makes CF startup happen faster. If it does, I explain why and what the implications are in the choices of renaming, deleting, moving, or disabling the related "save class files" feature. Also, I add an update in E.1 below (since posting this) which you may really want to read: consider turning off your anti-virus software's real-time protection against the cfclasses folder to see if that alone helps with startup.

[....Continue Reading....]

CF911: 'Help! I've updated the JVM which ColdFusion uses, and now it won't start!'

Has this happened to you?
  • You wanted to update the JVM which CF uses to use a new version
  • so you found some resource on the web showing how to update, and it seemed simple enough
  • and then you tried restarting CF and wham, it won't start
  • and now you're stuck wondering, "what happened? and how am I supposed to fix this?"

It's a tragic position to be in, of course.

There are several reasons why your attempt to update CF's JVM can fail.

And fortunately I can offer several things you can consider/look at, some of which may quickly recover from or be able to undo (depends on what you did). And all this applies to Lucee, Railo, and BlueDragon as well, though folder locations will differ.

In brief, here are the things you may have done wrong. See below for solutions or recommendations:

  1. You may have told the Java installer to install itself WITHIN the CF directory. You should not do that.
  2. You may have gotten the wrong kind of Java installer
  3. You may have gotten the wrong bit-level of Java for your bit-level of CF
  4. You may have gotten the wrong JVM for your OS
  5. You may have tried to use a JVM not supported by the version of CF you're running
  6. You may have pointed CF to the wrong JVM location
  7. You may have updated the JVM config for the cfusion instance, but not your other instances
  8. You may have forgotten to change the path's directory separator slashes on Windows
  9. You may have to copy the msvcr100.dll from the JVM's lib to CF's when updating older CF's to Java 7+
  10. You may have to copy the tools.jar from the JVM's lib to CF's when updating older CF's to Java 8+ (and delete some files compiled for the old JVM)
  11. You may find that Solr integration (and/or PDFG in CF11+) stops working, because you didn't realize you needed to edit *its* jvm config file

While I'm at it, I also cover:

  • Why you'll find that CF can't even STOP (let alone START) if you make a mistake with the JVM configuration
  • What JVM version(s) are supported by what versions of CF
  • Dealing with SSL Certificates you may have imported into a previous JVM
  • Beware leaving the Java installer to choose the "public jre" option

So this really became quite a compendium of resources on changing the JVM CF uses, but again the focus is on why CF may not start if you make certain very common mistakes.

[....Continue Reading....]

Hidden Gem: Importing CF Admin settings in ANY release via 'import wizard', even AFTER installation

Have you ever faced the challenge of needing to migrate the CF Admin settings (datasources, mappings, scheduled tasks, etc.) from one machine to another, and from one CF version to a newer one? Did you know that there is an "import wizard" that you can (with proper configuration) run at any time to import settings from one release to another?

Before I discuss that, you may know of a couple of other solutions for this challenge: the CF admin ColdFusion Archive/CAR mechanism, available in some but not all editions (more below), and this same "import wizard" which runs at the end of CF installation, importing settings from an older CF version if found on the same box.

But what if either of those solutions don't work for you, and you have dozens of dsn's, scheduled tasks, mappings, or other settings you want to get from one machine/version to another?

You are NOT stuck having to manually copy settings from one screen to another! (And you should be very careful about the common hack solution of copying neo*.xml files from one instance to another, which may not always work and may break things.)

In this entry I'll discuss how you CAN indeed import the CF admin settings from nearly ANY release of CF into nearly ANY OTHER release of CF, in a fully supported way, and which CAN be done even after installation of a new CF release. (I say "nearly", because I worked with someone wanting to do this import of CF7 settings into CF10, and that large a jump was was not supported.)

I'll also mention an important potential gotcha to beware, as well as how to to get around that.

[....Continue Reading....]

Finding ColdFusion installers, updaters, hotfixes, and docs for all recent releases

This won't be new info for some, but many folks remain confused by the fact, that after Adobe released ColdFusion 11 2016, they can seem to only find ColdFusion 11 2016 installers on the Adobe site. What if you need installers for 11, 10, or 9, or 8, and so on?

(Update: I wrote this post originally after CF11 came out, but it applies as well and still now that CF2016 has come out, so I have changed the references to that from here on.)

Find CF installers, updaters, and docs for past several releases

The good news is that if one wants to find ANY installers for most ANY version of CF, they can be found on an external repository setup by Gavin Pickin (and added to by myself and others, to include updates, hotfixes, and docs):

Gavin Pickin's CFML Repo

The name, CFMLRepe, may confuse some if they presume it's a repo of CFML. It's not. What it is is that originally it did originally have only CF installers (and updates, etc.) but then some contributed installers for Lucee and such, so he chose the more "generic" name.

(There used to be a longer and hard-to-remember URL, when I posted this originally in 2014, and I had created a shortened url, http://bit.ly/cfdownloads. It's now not "shorter", so I leave this here for posterity.)

Thanks so much to Gavin for creating the repo, and to him and others for maintaining it. Let's hope it remains a viable solution to find downloads for years to come.

Applying hotfixes to ColdFusion 9 and earlier? A guide to getting it right

I realize that title may seem anachronistic. Why talk about hotfixes in CF9 and earlier, in 2014, indeed as CF11/Splendor is in beta? But I'll tell you that I still help people daily who are still on those older releases, and often they have problems that may have long since been solved by a hotfix or a cumulative hotfix they never applied--or may be caused by misapplication of such hotfixes.

Of course, in CF10 it's easier now because of the built-in "server updates" feature of the CF Admin. But in earlier releases, it was all on you to both keep up on the updates and to apply them manually. And a lot of people either never bothered, or may have tried and failed, or did it but got it wrong.

What you need to know

So in this blog entry, I some key info that will help you, if you may be in need of applying one or more of those updates to CF9 and earlier. Indeed, I'll point to some past entries I've done where I shared a lot more detail that I find is vital and rarely mentioned when some people try to share just the bare minimum of info (often leaving people hanging).

For instance, I'll help you answer such questions as what hotfixes do you already have applied? How do you find out? And you need to know exactly what version of CF you have, whether 9.0/9.0.1/9.0.2, 8.0/8.0.1, 7.0/7.0.1/7.0.2, and so on. I'll explain how to tell and why that's important, and especially when it comes to finding and applying hotfixes. And if you have applied hotfixes, are you sure you have done it right? It's easy to get things wrong and botch things. I'll help you avoid several very common mistakes.

(That's why it's so great that CF10 finally handles things for us. But this entry, focused on 9 and earlier, is not the place to discuss concerns with the CF10 hotfix mechanism. If you have questions or concerns about that, see the substantial CF10 Hotfix Installation Guide from Adobe, a 50-question FAQ on all things related to that feature.)

I'll also point you to where to find hotfixes and installers for CF9 and earlier (not as easy as it may seem), and still more.

If any of that's of interest, and I hope it is if you're on CF9 or earlier, then read on.

[....Continue Reading....]

Part 2: Serious security threat for ColdFusion servers [now covered by a hotfix]

Since I posted my entry earlier today about a Serious security threat for #ColdFusion servers [not now covered by a hotfix], I have had many questions and discussions which lead me to share more info.

At first I was adding these as updates to the previous entry, but I fear that some who may have read it earlier in the day may then miss some of this new info, thus this "Part 2". You will definitely want to read part 1 before proceeding here.

[Update: And since writing this entry 2 weeks ago, Adobe has indeed now come out with a hotfix. I have more to say about that in the new Part 3: Adobe hotfix released for "Serious security threat for #ColdFusion servers". While you should proceed to get that fix in place, you'll likely benefit from reading parts 1, 2, and 3, as there's more discussed than just the thread and fix, itself, which could benefit you down the road.]

Among the new information shared below are such things as how the hack worked (not too much detail, though), how to determine what the exploit may have exposed, how to handle resolving things for many sites via scripting, how to lock down the /adminapi, /administrator, and /componentutils directories, and most important, why you should not skip all this just because "we already block all access to the CFIDE/adminapi" (and /administrator and /componentutils)". There may be exposure you're not considering.

[....Continue Reading....]

Serious security threat for ColdFusion servers [now covered by a hotfix]

Hey folks, there's a fairly serious security threat out in the wild, and you may want to check if your server's been hit. (It may be old news to some, but for now it's hitting people in the past week or so.) It's been confirmed to have hit at least CF9 (9.01 and 9.0.2) servers, but it seems it would apply to as well to CF10 or down to CF 7, as it leverages the Admin API.

And note that it's NOT one that you're protected against by having applied CF security hotfixes. (Updated Jan 15 2013, as Adobe now has a hotfix for this. More below.)

There's quite a bit for you to consider regarding this recent threat, as I discuss here.

[....Continue Reading....]

More Entries

Copyright ©2018 Charlie Arehart
Carehart Logo
BlogCFC was created by Raymond Camden. This blog is running version 5.005.
(Want to validate the html in this page?)

Managed Hosting Services provided by
Managed Dedicated Hosting