SQL 2005 comes pretty secure out of the box (no external connections). Apache/IIS can be configured to listen only on 127.0.0.1, and so can ColdFusion (with a little xml editing).
Best not to use IIS, use apache, keep apache config in svn, so that changes to the config can be sent over to other developers, and you should be fine. If all the servers are listening only on 127.0.0.1, they're not really security holes now, are they? Unless you have them running as a system, and then some local Trojan exploits them, but that's pretty far fetched. In any case, set up local accounts with limited priviliges and run the services as such. We used to run everything on a shared dev server, but it's a pain. Things get edited, and don't get deployed, and pretty soon your dev environment is radically different then production. With a local dev environment, you know that you're the only one making changes, and you can revert everything back to way it is on production, and you can also use branches. Also use Eclipse with subclipse plugin. It makes working with subversion SO MUCH easier then tortoise (especially the merging). You can run it on your QA server and use it to merge branches into the trunk, and do testing on the QA server first, and then commit the changes to the trunk. Russ > -----Original Message----- > From: Robertson-Ravo, Neil (RX) [mailto:Neil.Robertson- > [EMAIL PROTECTED] > Sent: Thursday, August 10, 2006 3:52 AM > To: CF-Talk > Subject: Re: Development Environment Setup > > Probably not idiots, just not aware of what needs to be done or maybe a > cost > issue. > > > > > > > "This e-mail is from Reed Exhibitions (Oriel House, 26 The Quadrant, > Richmond, Surrey, TW9 1DL, United Kingdom), a division of Reed Business, > Registered in England, Number 678540. It contains information which is > confidential and may also be privileged. It is for the exclusive use of > the > intended recipient(s). If you are not the intended recipient(s) please > note > that any form of distribution, copying or use of this communication or the > information in it is strictly prohibited and may be unlawful. If you have > received this communication in error please return it to the sender or > call > our switchboard on +44 (0) 20 89107910. The opinions expressed within > this > communication are not necessarily those expressed by Reed Exhibitions." > Visit our website at http://www.reedexpo.com > > -----Original Message----- > From: Russ > To: CF-Talk > Sent: Wed Aug 09 21:10:37 2006 > Subject: RE: Development Environment Setup > > Then your security team is full of idiots. Not only can you set up a > firewall, you can configure apache/coldfusion to only listen on 127.0.0.1, > so that no other computers can access it. > > > -----Original Message----- > > From: Everett, Al (NIH/NIGMS) [C] [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, August 09, 2006 4:01 PM > > To: CF-Talk > > Subject: RE: Development Environment Setup > > > > I'd love to do that, but we're not allowed to have "servers" installed > on > > our desktop machines for "security reasons". > > > > -----Original Message----- > > From: OĆ°uz_DemirkapĆ½ > > Sent: Wednesday, August 09, 2006 2:37 PM > > To: CF-Talk > > Subject: RE: Development Environment Setup > > > > Test Server <---> SVN <---> Production Server > > > > | > > | > > Developers > > > > Test Server: Testing current status of code and deciding production > > version of code. > > > > Production Server: Deploying tested code version from SVN reposity. > > > > Developers: Every developer have their local CF installation and they > > chekin/checkout code from main SVN reposities. > > > > > > This is what we have here. :) > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:249430 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
