[Looking for Charlie's main web site?]

Special offer: upgrade to ColdFusion 2021 from CF2016 or earlier, saving perhaps thousands of $$

If you're running CF2016 or earlier, now's your chance (though the end of the year Feb 28, 2023) to save potentially thousands of dollars in upgrading to the latest current version, CF2021. Intergral, the folks who make the FusionReactor monitoring tool and service, are again offering a special deal of 25% off to upgrade CF2016 or earlier to CF2021 (a deal which even Adobe does not offer).

Read on for more details.

[....Continue Reading....]

Beware of ransomware attacks happening on ColdFusion 9 and earlier

If you're running CF9 or 8, beware: a recent spate of ransomware attacks have occurred, hitting such old CF servers that were not updated (in ways offered by Adobe in 2010!) This news has been reported in various security industry press, but I want to share here more that they generally did not.

TLDR; A most basic message to hear is "get off of CF9", or any version of CF that is no longer supported. But for the sake of those who wonder, "while I work on that, is my CF 9 really impacted?", I address that, and more. But again updating 9 to just "leave it at that" and get on with your life is NOT the main message to be hearing!

Of course, it's always risky to run old versions of software, and to be clear, CF9 was released in 2009 and CF8 in 2007. Sadly, some shops drag their feet to keep even such old software updated (they each got updates for 5 years after their release). But the problem is really coming home to roost for some.

Who's affected, and who's not? And what can you do, if still on CF9 or 8? And what more is known about the attack?

For more, read on. (BTW, yes I am aware that this is not "new info", as some were sharing it as much as 2 weeks ago. It simply took me time to gather up all the info below, to provide more specifics than those general interest articles were sharing.)

[....Continue Reading....]

My upcoming talk, "ColdFusion at 25: not the kid most have stuck in their minds"

As you may have heard by now, the free Adobe CF Developer Week 2021 will be held June 22-24. My session will be on June 22 at 4p Central in Track 2. While currently the DevWeek site only offers session titles and speakers (descriptions were added after I posted this: click the + sign to the right of each talk), here is mine, from the "presentations" page here on my site:

ColdFusion at 25: not the kid most have stuck in their minds

As ColdFusion turns 26 next month, many seem stuck remembering it only as the "teen" they knew or even the "child", when instead it's grown up to be a capable "adult", impressive in many ways, and even more so recently. In this session, we'll look back at how CF has indeed evolved into a very capable platform, with quite modern features that seem to surprise many--including people working with it currently. If you struggle "finding CF people" or "getting buy-in", perhaps these observations could help you with both challenges. If nothing else, they're things designed simply to help you get your job done, while keeping up with modern practices.

We'll start with many modern coding techniques--which will be familiar to those using more "modern" languages but that many don't realize CF supports, and may have for years. We'll then look at ways that things such as CF installation/deployment, configuration/administration, monitoring, security, and more have improved over the years. And we'll look not only at CF itself but the community surrounding it, ranging from resources for help and learning to tools and services that others have created, making CF a far more complete ecosystem than most give it credit. Put another way: it's not your father's CF!

I look forward to presenting this topic and hope you'll come check it out.

Why should one be careful about securing ColdFusion ARchive (CAR) files?

Note: This blog post is from 2020. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
You may hear (starting today) about a new admonition (a "strong recommendation") from Adobe that one should be careful to "delete CAR files once they are used". What's that about? And why is it a concern? (And is it ever NOT a concern?) Indeed why is it a new admonition? (To be clear: the recommendation should be heeded even by those using CF versions BEFORE this update and older versions like 11, 10, and so on.)

[....Continue Reading....]

Fixing CF: "Hey, how come ColdFusion debugging output is not showing up in my localhost testing?"

Note: This blog post is from 2018. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
This is a problem that has troubled many CF users for some years (especially as they have moved to later operating systems): they find that ColdFusion debugging output does NOT appear to them when testing using a URL with "localhost" for the domain name but it DOES appear if they use the 127.0.0.1 ip address instead.

TLDR (and update since initial post):
If you can add ::1 to the list of debugging IP addresses in the CF Admin, that should solve this problem. If you cannot, that problem was fixed a few months after I wrote this, in CF2018 update 2 and CF2016 update 8, released in Feb 2019 (and it's no longer a problem on CF2021 and above, of course). For those not yet running those, if you find that adding ::1 just turns into 0:0:0:0:0:0:0:2, read on.

For more on the matter, including why it happened, solving it, etc., read on.

[....Continue Reading....]

Why you should think twice about leaving on the "public JRE" option of the Java JDK installer

Note: This blog post is from 2016. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
This is a follow-up to a post I did in late 2014, CF911: 'Help! I've updated the JVM which ColdFusion uses, and now it won't start!'. In that post, I listed about a dozen common problems that befall people who try to update the JVM that CF is using (and it and this post apply as well to Lucee or BlueDragon, or indeed any Java application server).

In this post, I want to elaborate on one more common mistake. Well, mistake may be too strong word. It's about a default option when you run a Java JDK installer (see the other post for more on JDK vs JRE options).

In short, I make the case here for why you should NOT let the JDK installer implement its "public jre" option.

[....Continue Reading....]

Stuck running the ColdFusion 'Migration wizard'? Here's how to get past that

Note: This blog post is from 2016. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
CF Admin migration wizard screenSomeone presented a problem on a discussion list where they found that upon installing CF, they got to the "migration wizard" screen, and though it offered the option to "continue" if it hung up, it did not continue for him.

In this post, I'll share how to get past that prompt, if this happens to you. (And despite that image on the right showing ColdFusion 11, this could conceivably happen in CF10, CF9, and so on, and this same solution applies to all.)

For the anxious folks who want to "skip the waffle" and context/setup, the solution is at the very bottom. :-)

[....Continue Reading....]

FusionReactor updated today: some general info related to getting/applying FR updates

Note: This blog post is from 2015. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
How to update FusionReactorFusionReactor users will want to know that there was a new update released today, 5.2.6. The update is free for those on 5.2.x releases as well as those with maintenance agreements. And you can just download the installer and run it to update your current version (even back to FR 5.0, if you've not updated FR 5 since you first installed it).

But more than that basic info, I'd like in this post to take advantage of the chance to share a few things related to the topic of upgrading FusionReactor, including some common questions I often am asked as I assist people in using it:

  • Where do I get the update?
  • How do I find out what's new in the update?
  • Should I hesitate about applying the very latest FR update as soon as it comes out?
  • How would you I know there WAS an update to FR available?
  • Do I just need to run the full installer or can I update just one file perhaps?
  • Do I need to restart CF (or Railo/Lucee/Tomcat, etc.) for the update to take effect?
  • Can I update FRAM and choose NOT to update my monitored CF/Railo/Lucee/Tomcat/etc instance?
  • Why do you keep referring to "CF/Railo/Lucee/Tomcat/etc"? I thought FR was a CF monitor tool?
  • What if I'm on an FR version older than 5.0?

For these and more, read on.

[....Continue Reading....]

Solving slow CF startup: my elaborating on an Adobe blog entry on a possible solution

Note: This blog post is from 2015. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
The fine folks at the Adobe CF blog posted a blog entry today, on "Sometimes ColdFusion services refuse to start normally post server restart" (by Rahul Upadhyay), which offers some helpful information on one possible solution to the stated problem of slow CF startup.

That said, there are some concerns I have, with respect to how I fear some may read and take action based on it (especially the notion of deleting the cfclasses files, as a possible solution to the problem).

I'm not contradicting Rahul here, just elaborating on some points, as someone who (like some on the CF team) helps people with CF server troubleshooting every day.

I started to write these thoughts as a comment there, and (as often happens) it grew long so I thought it better to be a blog entry rather than a long comment, and point people here. Once I did that I decided to go further still, hoping to really help those interested to consider the issue more carefully. (It also gives me a chance to highlight again the Adobe CF team blog, something I recommend EVERYONE reading this should follow!)

One quick point (and update) for the TL;DR crowd: My recommendation is that you move the cfclasses folder out of that location, as a temporary test, to see if it makes CF startup happen faster. If it does, I explain why and what the implications are in the choices of renaming, deleting, moving, or disabling the related "save class files" feature. Also, I add an update in E.1 below (since posting this) which you may really want to read: consider turning off your anti-virus software's real-time protection against the cfclasses folder to see if that alone helps with startup.

[....Continue Reading....]

CF911: 'Help! I've updated the JVM which ColdFusion uses, and now it won't start!'

Note: This blog post is from 2014. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
[Originally posted in Dec 2014, updated as recently as Apr 2021]

Has this happened to you? You wanted to update the JVM which CF uses to use a new version...

  • so you found some resource on the web showing how to update, and it seemed simple enough
  • and then you tried restarting CF and wham, it won't start, or the admin won't open, or code starts failing
  • and maybe it's that things didn't fail immediately, but within hours or days folks report things breaking since you made the change
  • and now you're stuck wondering, "what happened? and how am I supposed to fix this?"

It's a tough position to be in, and tragic of course if CF won't start. But no, you do NOT need to reinstall CF!

Often it's just one thing you did by mistake, though there are indeed several possible reasons why your attempt to update CF's JVM can fail or lead to unexpected problems. And as you google about, you may find all kinds of helpful but often misinformed or spartan suggestions that may or may not help much.

So I offer here over a dozen of things you can and should consider/look at, some of which you may quickly recover from or be able to undo (depends on what you did). And all this applies to Lucee, Railo, and BlueDragon as well, though folder locations will differ.

If you're facing this bind right now, you can skip over the following to the the section, "Seeing better error info, when the CF service won't start", and then the section after that "So what went wrong?", where I present each likely problem and solution.

[....Continue Reading....]

More Entries

Copyright ©2024 Charlie Arehart
Carehart Logo
BlogCFC was created by Raymond Camden. This blog is running version 5.005.
(Want to validate the html in this page?)

Managed Hosting Services provided by
Managed Dedicated Hosting