Or howabout something totally cool - Since the inbuilt web server in MX is configured via an XML doc it can reconfigured by editing that XML config file. Talking with a MM guy lastnight he's was suggesting that he was going to write a CF configuration app for the Jrun WWW server to reable to reconfigure the webserver and control it...blocking an IP address could then be an automatic thing!
Obviously most people wouldn't be able to do this sort of stuff but it's neat nevertheless, well I thought so! > -----Original Message----- > From: Bob Krieger [mailto:[EMAIL PROTECTED]] > Sent: 31 May 2002 15:14 > To: [EMAIL PROTECTED] > Subject: RE: Global Error Trapping with CFERROR > > > Tis a problem.. What if you trapped the error with another > fuseaction, email the admin and send the user to another > fuseaction that simply displays the "user-friendly" error? > The hacker would hit that page repeatedly but with no > additional emails. > They COULD, howevere, go back and re-create the error > again and again, but I would imagine, this would get tiresome > for that idiot hacker.. > > My .02... > > Bob Krieger > www.FDBTutor.com > The FuseBox Tutor > > -----Original Message----- > From: Steve Nelson [mailto:[EMAIL PROTECTED]] > Sent: Friday, May 31, 2002 7:58 AM > To: [EMAIL PROTECTED] > Subject: Re: Global Error Trapping with CFERROR > > > I get emailed when errors happen. If I get an unusual number > of errors from someone, I go into IIS and block their IP > address. I've had to do this a few times. > > Steve Nelson > > Steve Bryant wrote: > > > One thought on that... > > > > I generally have my errors emailed to me as well. However, I am > > reading through "Hackproofing ColdFusion" and the author > suggests that > > > some hackers will find error pages (the ones with the user friendly > > error) and hit them repeatedly. The goal here is to overwhelm the > > mailserver. It is based on the assumption the error will be > emailed to > > > a system admin. If they can cause a massive number of hits > to the page > > > then they can crash your mailserver. > > > > I haven't figured out a good solution for this yet. The > book probably > > has an idea for this and I just haven't read that far yet. > Apparently > > if you are logging errors instead of emailing them, it can > still cause > > > problems. > > > > Speaking of, the book just came out and so far it is really > good. The > > majority of the stuff in there is pretty common sense, but it has > > enough new stuff (to me anyway) like the above to be well worth the > > money. I highly recommend it! (I don't know the author or anything). > > > > At 08:35 AM 5/31/2002 -0400, you wrote: > > >Add this into index.cfm > > > > > ><cferror type="EXCEPTION" template="act_error.cfm"> > > > > > >Then I usually make act_error email me an error of what's going on > > >and at the end I cflocate to home.error and it shows a > friendly error > > > >page. Now keep in mind since I cflocate to a fb3 path if there is > > >something wrong with the core files, like say I accidentlly delete > > >them, technically it would keep emailing me, but if I did > something > > >stupid enough to damage fb3 I deserve to get tons of email > becuase my > > > >site is completely broken. > > > > > >Robert Everland III > > >Dixon Ticonderoga > > >Web Developer Extraordinaire > > > > > >-----Original Message----- > > >From: Yudi [mailto:[EMAIL PROTECTED]] > > >Sent: Thursday, May 30, 2002 8:17 PM > > >To: [EMAIL PROTECTED] > > >Subject: Global Error Trapping with CFERROR > > > > > > > > >Hi, > > >Do anybody know how to create cferror in fusebox 3 ? > > >I put the following code on application.cfm > > ><cferror type="exception" > > > exception="any" > > > template="dsp_MsgErrors.cfm" > > > > > > >And I created dsp_MsgErrors.cfm at root site. > > >If I don't use fusebox 3 this code working well. > > > > > >Thank you > > > > > >Yudi > > > > > > > > > _____________________________________________________________________ > This message has been checked for all known viruses by UUNET > delivered > through the MessageLabs Virus Control Centre. For further > information visit http://www.uk.uu.net/products/security/virus/ > _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ ==^================================================================ This email was sent to: [email protected] EASY UNSUBSCRIBE click here: http://topica.com/u/?bUrFMa.bV0Kx9 Or send an email to: [EMAIL PROTECTED] T O P I C A -- Register now to manage your mail! http://www.topica.com/partner/tag02/register ==^================================================================
