Ian Skinner - I owe you an apology. After studying the access logs from the web
server, I can't say with 100% certainty but it looks like this happened because
someone hit the web server using an IP address. They didn't use the password to
force a call to OnApplicationStart so it must have been
Is it possible that someone is accessing your site by it's ip address, in an
attempt to fool it into something that could enable a hacking attempt?
I've seen security scanning software do similar things.
This is why I tend to have the production state be the default state, and
have development a
> Which means that if I (or any joker poking at your site to see if they
> can do something) who requests your site by its IP address could set
> your production server into dev mode.
Not necessisarily, that would depend on how the web server was set to
handle requests. One of my application has
Dave,
Since your config is based on the cgi.server_name variable, why don't
you search your web server access logs for calls to your dev domain
name? This would tell you when and what was accessed which might have
reset your app.
Dean
On Mon, Mar 28, 2011 at 4:00 PM, Dave Burns wrote:
>
>>On 3
44 AM
> To: cf-talk
> Subject: Re: What event specifically triggers OnApplicationStart?
>
> Since I don't get an exception thrown within OnApplicationStart, I can
> assume that CGI is defined and CGI.SERVER_NAME is also defined. The only
> thing I can say is that, assu
>On 3/28/2011 11:10 AM, Dave Burns wrote:
>> My code looks like this:
>>
>> configName = "dev"
>> if CGI.SERVER_NAME contains "blah.com"
>> configName = "production"
>
>Which means that if I (or any joker poking at your site to see if they
>can do something) who requests your site by its IP
On 3/28/2011 11:10 AM, Dave Burns wrote:
> My code looks like this:
>
> configName = "dev"
> if CGI.SERVER_NAME contains "blah.com"
> configName = "production"
Which means that if I (or any joker poking at your site to see if they
can do something) who requests your site by its IP address c
> On said diagnostic page, what is the value of CGI.SERVER_NAME and CGI.
> HTTP_HOST when the configName's value is "dev"?
Bill - That's the key question. My diagnostic page only dumps the current
config, not how it got there. I'm going to change that.
Since I don't get an exception thrown with
>One thing to keep in mind, if you do not have a *unique *ApplicationName on
>your server, then the variables could be shared w/another application--which
>is especially dangerous on shared hosting.
>
>I've seen people roll out an application w/a common ApplicationName like
>"MainApp" and have iss
>I think I can see one possible cause of your problem Dave.
>You may actually have 2 applications running.
>
>one on yourdomain.com
>and another on www.yourdomain.com
>
>So if someone goes to yourdoamin.com and then www.yourdomain.com they will
>NOT be seeing the same application. So perhaps most
> Dave - For the sake of argument, if the server is restarted but no one hits a
> single page on the app, OnApplicationStart won't run right? So if it
> takes a page hit to call it, CGI should be defined, no?
Yes, unless that page request comes through an event gateway I guess.
> I just grepped
> It's entirely possible that (a) the server is stopping and restarting,
> which will cause all applications to stop, or (b) there's an explicit
> call to onApplicationStart somewhere within your code - this is
> actually pretty common.
Dave - For the sake of argument, if the server is restarted
One thing to keep in mind, if you do not have a *unique *ApplicationName on
your server, then the variables could be shared w/another application--which
is especially dangerous on shared hosting.
I've seen people roll out an application w/a common ApplicationName like
"MainApp" and have issues w/
I think I can see one possible cause of your problem Dave.
You may actually have 2 applications running.
one on yourdomain.com
and another on www.yourdomain.com
So if someone goes to yourdoamin.com and then www.yourdomain.com they will
NOT be seeing the same application. So perhaps most people
On said diagnostic page, what is the value of CGI.SERVER_NAME and CGI.HTTP_HOST
when the configName's value is "dev"?
-Original Message-
From: Dave Burns [mailto:cft...@burnsorama.com]
Sent: Monday, March 28, 2011 1:10 PM
To: cf-talk
Subject: Re: What event specif
> To confirm my understanding, are you saying that on a very busy site, it's
> possible that OnApplicationStart might never run again once the app
> has started? (server admin and restarts aside.)
That's exactly correct.
> Since the app is running fine for months and then all of a sudden switch
>memory variables only timeout if they are not accessed the specified timeout
>period.
>every time anyone loads a page on your site, it accesses the application
>scope and their session scope, so the timeout is reset back to 0.
>
>An application will restart when ColdFusion restarts, when you reac
memory variables only timeout if they are not accessed the specified timeout
period.
every time anyone loads a page on your site, it accesses the application
scope and their session scope, so the timeout is reset back to 0.
An application will restart when ColdFusion restarts, when you reach the
18 matches
Mail list logo
