----- Original Message ----- From: <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Saturday, March 15, 2003 11:30 PM Subject: Re: OT Domain registration
| After looking at the URL, GoDaddy is hosting the domain and simply | putting up a frame src with whatever you type in apparently. | | <html><head><title>www.BodafordHomes.com</title></head> | <frameset rows="100%,*" border="0"> | <frame src="http://66.79.46.138/cfdocs/rea/index.cfm"; frameborder="0"> | <frame frameborder="0" noresize> | </frameset> | </html> | Actually by using this method of domain masking, you have created a big security hole on your server. For example: http://66.79.46.138/cfdocs/eal/index.cfm gets you to your "bodafordHomes" index page. If you trim the URL back a little to say, http://66.79.46.138/cfdocs You are giving public access to your CF docs directory, your CF Administrator and your CF sample applications, which really have no business on a web server. If you trim back a little further to http://66.79.46.138 then you get the default web site of GoLiberty online. ( which is a really nice site too!) The next consideration is if you ever want to provide your clients with a statistics report, you will not be able to, except for the default web site, and it will include all the sub-directories under it making it inaccurate. By setting up each of the sites as virtual sites, you can turn off your default web site, except for the short periods of time when you need to access CF administrator to change something or add an ODBC connection, etc. and then turn it off. An alternative would be to place a JavaScript redirect which sends the visitor to your own personal web site, which can also be a virtual site. This puts a small road block in the path of the intruders. You will also facilitate the search engines efforts in indexing your sites. ColdFusion will continue to work just fine with virtual web sites too. (assuming CF 5.0 or earlier.) CFMX is another animal altogether. ===================================== Douglas White group Manager mailto:[EMAIL PROTECTED] http://www.samcfug.org ===================================== ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
