I also like to setup restrict data sources. I don't like having the user name &
password on the server. I hope the system I have shown is acceptable.
Fortunately accessing a cfc directly through a browser throws a 403 error in
IIS, and ftp requires authenication.
Matt, I see by your title you a
I think the idea behind doing this sort of thing (requiring U & P in
the code) is its easier to hack the CF stuff -- which often resides in
a known location, for example -- than it is to get at the templates
themselves. And if they get at the templates you're through anyway.
One thing I make a po
ror.
>
>..
>Ben Nadel
>Web Developer
>Nylon Technology
>6 West 14th Street
>New York, NY 10011
>212.691.1134
>212.691.3477 fax
>www.nylontechnology.com
>
>"Vote for Pedro"
>
>-Original Message-
>From: Stan Winchester [mai
nology.com
"Vote for Pedro"
-Original Message-
From: Stan Winchester [mailto:[EMAIL PROTECTED]
Sent: Friday, December 16, 2005 8:32 AM
To: CF-Talk
Subject: Re: Required DSN Username & Password
Ben, Thanks for the suggestion! Are you restricting the file access at the
web serve
Ben, Thanks for the suggestion! Are you restricting the file access at the web
server level, or in CF? If in CF, are you testing for the file name in CGI
scope to deny access?
>We store ours in a CF struct:
>
>DSN = StructNew();
>DSN.Source = ""
>DSN.Username = ""
>DSN.Password = ""
>
>
>And the
91.1134
212.691.3477 fax
www.nylontechnology.com
"Vote for Pedro"
-Original Message-
From: Stan Winchester [mailto:[EMAIL PROTECTED]
Sent: Friday, December 16, 2005 8:13 AM
To: CF-Talk
Subject: Required DSN Username & Password
I'm using a web host that requires a DSN us
I'm using a web host that requires a DSN username & password for every query. I
am nervous about storing these values on the server in a globals setting file
for obvious security reasons. Does anyone have a suggestion how to safely store
a DSN username & password? I've thought about encrypting,
7 matches
Mail list logo