ColdFusion Muse

Yes we ARE Looking for ColdFusion Developers - Send Resume!

Feb. 2016 Job Posting

As many of my readers know, we generally look for new developers every 2 to 3 months. So the time is come again.

Soft Skills

Yes these come first for us.

  • Ownership - You see the big picture and work to accomplish goals for the client rather than checking off individual tasks.
  • Eclectic Tech - You are always picking up widgets, gadgets, languages and libraries to improve your effort for the client.
  • Community - You genuinely love others and are committed to their professional and personal well being.
  • Autodidact - You learn naturally and organically and learning motivates you.
  • Overcommunicator - You enjoy breaking down complex tech ideas into concepts a customer can grasp and use to make decisions. NOTE: this is a core component for us!.
  • Sense of Humor and Fun - You are quirky and fun with a gentle sense of humor that allows you to laugh as well as encourage.
And here are the Tech Skills:
  • Advanced ColdFusion - Yes you will have to complete coding challenge to prove it. no exceptions. :)
  • Environment Setup - You should know how to accomplish a basic local setup including web server (IIS and Apache), CF Application server, checking out code from Git or SVN, using an Eclipse environment etc. You should not be a campaigner for Mac or Windows or Linux - you will end up being exposed to all environments. We don't judge here. :)
  • Advanced Database Skills - You need MySQL, MSSQL and/or Oracle skills for writing queries, stored procedures etc. You should have more than a passing familiarity with DB architecture and design.
  • Some diverse technology skills - Mobile skills are a plus, jQuery, Angular, Node, Java - bring something else to the table.
For more info on what it takes to be a CFWT consultant check out my post on You Might be a Muse All-Star.

Frequently Asked Questions

  • Do you allow telecommuting? Yes all our development positions are full-time remote positions.
  • What sort of dev environment can I expect? We are an eclipse shop and rely on SVN, Jenkins, and an agile like approach to development. Having said that, as an outsource development company we frequently integrate with external teams. Yes, Windows and IIS will no doubt be in play for you.
  • What Industries are you working in? We have sites we develop and maintain in the Financial sector (stocks, options, commodities, retirement planning and management etc.), Tax planning, Civil Government, Insurance, Medical, Pharmaceutical, retail sales, real estate, etc. We have a very broad client list.
  • Will I get to meet the Muse? Of course, but it's probably not all it's cracked up to be.
  • Do you use frameworks? Yes - all of them all the way back to Fusebox 2. We work on new projects in common frameworks like Coldbox, FW/1 or DI/1, but we also support a host of legacy applications done on custom frameworks or with no framework at all. So get ready for multiple challenges.

We pay a competitive salary and benefits. CF Webtools maintains sites on virtually all ColdFusion and Database platforms with dev and QA servers and full SDLC. Our work is challenging, invigorating, sometimes frustrating, but rarely boring. Our development group is full of witty, interesting, overcommunicating and extremely talented developers. It's a true mentoring community. If that sounds like a place you would like to work (and you meet our high skill-set standards) send your resume to jobs@cfwebtools.com - or contact the Muse directly if you like. Tweet me @cfwebtools or use the "Ask a Muse" link on this blog (I'm easy to find). You can also call 402 408 3733 and ask for Mark or Jason - we'll be thrilled to speak with you about our opportunity. The official job posting may be found on our corporate site at the Job Openings page.

Muse Tips

Be prepared to talk about your overall work habits, life experiences and approach to people. Don't fall into the trap of riffing on this tech or that tech or putting something down. Tell us about new things you are doing - complex and interesting problems you have solved and new tech you are excited about.

Expanding again! Looking for Advance ColdFusion Developers

CF Webtools is expanding (again) and looking for high quality ColdFusion developers. If you have some mobile skills you might end up at the front of the line.

Here are the soft skills we are looking for.
  • Ownership - Your focus is not on your job description or shifting responsibility but on outcomes that satisfy the client.
  • Eclectic Tech - You think about things up and down the technology stack and are not just focused on your skills or favorite tech.
  • Community - You love to share with others as well as engage and learn. Love is an intentional word! We don't use it casually - we mean it.
  • Autodidact - You have evolving skills and you are constantly picking up new ones.
  • Overcommunicator - You explain technical concepts to non-technical folks without condescension. You thrive on copious detail. This is a core competency for us. You have to be relational with our customers.
  • Sense of Humor and Fun - You like to laugh and hang around with a funny people - without the need to put anyone down. No kidding this is a requirement! No Eyors!
And here are the Tech Skills:
  • Advanced ColdFusion - we will test you. We are looking for folks who know more than syntax on a web page. Everything you do with regard to the test is being evaluated. That means not just the skills you portray but getting connected to the VPN, using the IDE, the kind of questions you ask and how you respond to feedback.
  • Environment Setup - You should be used to setting up sites in a local environment (i.e. on your workstation) using CF, IIS and/or Apache. We can help of course and sites can be idiosyncratic and require some effort. But you should not be scratching your head over how to organize code, SVN, Eclipse, IIS setting etc. That needs to be a part of your core skills.
  • Advanced Database Skills - I don't mean you need to know how to build, manage and restore DBs. But you should know how to write a complex query and/or a stored procedure for one or more of the "big three" DB platforms.
  • Some diverse technology skills - At the moment we are looking for mobile skills (responsive design, bootstrap, jQuery mobile, angular etc.).
For more info on what it takes to be a CFWT consultant check out my post on You Might be a Muse All-Star.

Frequently Asked Questions

  • Do you allow telecommuting? Yes all our development positions are full-time remote positions.
  • What sort of dev environment can I expect? We are an eclipse shop and rely on SVN, Jenkins, and an agile like approach to development. Having said that, as an outsource development company we frequently integrate with external teams. Yes, Windows and IIS will no doubt be in play for you.
  • What Industries are you working in? We have sites we develop and maintain in the Financial sector (stocks, options, commodities, retirement planning and management etc.), Tax planning, Civil Government, Insurance, Medical, Pharmaceutical, retail sales, real estate, etc. We have a very broad client list.
  • Will I get to meet the Muse? Of course, but it's probably not all it's cracked up to be.
  • Do you use frameworks? Yes - all of them all the way back to Fusebox 2. We work on new projects in common frameworks like Coldbox, FW/1 or DI/1, but we also support a host of legacy applications done on custom frameworks or with no framework at all. So get ready for multiple challenges.

We pay a competitive salary and benefits. CF Webtools maintains sites on virtually all ColdFusion and Database platforms with dev and QA servers and full SDLC. Our work is challenging, invigorating, sometimes frustrating, but rarely boring. Our development group is full of witty, interesting, overcommunicating and extremely talented developers. It's a true mentoring community. If that sounds like a place you would like to work (and you meet our high skill-set standards) send your resume to jobs@cfwebtools.com - or contact the Muse directly if you like. Tweet me @cfwebtools or use the "Ask a Muse" link on this blog (I'm easy to find). You can also call 402 408 3733 and ask for Mark or Jason - we'll be thrilled to speak with you about our opportunity. The official job posting may be found on our corporate site at the Job Openings page.

Rant

Not everyone is a good interviewee. That doesn't mean we discard you out of hand. We don't have a checklist of items that immediately cause us to strike you off the list. We expect you to be human. However... you should be an "advanced" developer capable of working with our team in a way that adds value. That means there are certain things that leave a bad taste in our mouth. Because the muse wants everyone to do well, I'm going to give you the keys to the kingdom in the following advice :

What does "Advanced" remote CF developer mean to the Muse and his team at CF Webtools? It means we won't have to hold your hand to:

  • Deal with hardware - We know that things happen, but we expect you to be able to maintain a dev environment and be able to solve your individual hardware issues. That's the price of being able to work from home and not have to spend an hour a day in traffic. :)
  • Deal with VPN and networking - We can help, but if you don't understand networking, you should get up to speed quickly. Remote development means you need a fast, reliable network and very good technical understanding of networks and VPN.
  • Deal with web servers and your local environment - This is an area where we are increasingly less flexible than we used to be. We expect developers to be well versed at setting up sites and dealing with the nuances of a CF application in a local environment.
  • Deal with your IDE issues - You are expected to know, use and learn CF Builder integrated with SVN or Git. We like integrated team environments. If you have another favorite IDE (sublime or whatever) that's great. You can even use it. But when we work with you we will expect to see CF Builder and we will expect you to be expert at it.
  • Deal with your soapbox - You will likely be required to work within a windows environment at some point. The Muse, who has 9 or 10 computers including Apple's latest and greatest, likes and uses Windows. You don't get points from me when you elbow me with your inside anti-MS, Pro-Apple jokes, or when you put a dollar sign in Micro$oft. Indeed you will find that you don't get points from me for needling any technology. We expect enough maturity from you to realize that your opinion about technology is a tiny part of an overall business effort. In fact, as some helpful Muse advice for life in general: Be "UP" on many things and "DOWN" on very few. Your success will never be dictated by how effectively your criticize someone or something. But it may indeed be dictated by your conscious choice to encourage and uplift someone else. If you are one of those folks who loves the inside joke that lets you be snarky and superior let me paraphrase John the Baptist and say, "Repent for the kingdom of the Muse is at hand!" Actually I heard a rumor he was a Presbyterian.
We have 2 legs of inquiry - technical and cultural. Technical interview dwells on your hard skills and cultural on your soft skills. Hard skills are "Pay to Play" - without them you don't get past the test. But soft skills are where we gain separation. We spend a great deal of time in our "cultural interview" trying to tease out attitudes that can help or hurt our staff. We have a very definite "type" of person we are looking for - helpful, highly communicative, work/life balanced and eclectic. So be forewarned - we want positive people who like others, like technology and understand the big picture. You now know everything you need to succeed should you choose to apply. Good luck!

Do I Sound Like a Brokent MP3 player? Time to Hire Again!

My brother Bill tells the following story. His oldest son at the age of 6 or 7 was harassing him about something the way children do. It might be a toy or a snack or an instance that you switch off of PBS and go back to Nickelodeon. Whatever the case he was going on an on - persisting in his request until finally, having had enough, Bill said, "Wriley, be quiet! You sound like a broken record."

This stopped my nephew who looked thoughtful for a moment and then asked, "Dad, what's a broken record?" He had never heard the skippity scratchy sound of a defective vinyl disk except perhaps on the radio as DJ flippity flunk manipulated a turn table.

Well at the risk of sounding like a broken record (not to mention using a deprecated metaphor), it's time to hire again. That's right - the Muse is recruiting high quality developers to add to his superior staff. You get to work with me every day (even if you don't want to) and put up with puns and groaners - as well as hyperbolic praise from time to time. At this time we are looking for straight up senior ColdFusion developers with the usual spate of ancillary skills (DB, jQuery, bootstrap, ajax, angular etc). If you think you fit the bill and are ready for the challenge send your resume to jobs@cfwebtools.com. We will be thrilled to speak with you and to get to know you whether we hire you or not. :) This is full time telecommuting (U.S. States only). Because I lack the energy to once again list all the benefits and nuances of working with CFWT I will refer you back to my previous post from a couple months ago (when we hired 4 new folks). I look forward to hearing from you ColdFusion folks and making new friends and colleagues.

ColdFusion, SSL, SNI, SAN and Wildcards - Stuff You Need to Know

The Muse welcomes back his friend and colleague (and super genius guru) Wil Genovese with an timely post on SSL and Certificate types. If you have had your head in the ground (or perhaps you have been guest staring on "Naked and Afraid" or "Survivor") you may have missed the hubbub surrounding TLS, SSL and changes and support. There is a lot going on and it is more important than ever that you get your hands around the issue to keep your users safe. Wil has done Yeomen's work identifying the types of certs, the versions of ColdFusion and Java that support them, and work arounds and caveats for those of you who need them. You will likely want to bookmark this one. Take it away Wil.

[More]

Time to Hire Again!

After a longer than usual hiatus CF Webtools is looking yet again for qualified advanced developers. We are looking now for both ColdFusion help and Flex, AIR and Phonegap help. Here's the good news blurb about CF Webtools:

  • Never Boring - our staff is lively, energetic, positive and usually funny (well... they think they are funny). Among our eclectic group are golfers, motorcycle enthusiasts, belly dancers, photographers, gamers (shocking I know), fencers (as in touche'), rock climbers, fisherman, fireman, musicians, family people, single people (mostly hot), dog people, cat people, PC people and Mac people. We even have the mother of a fashion model. With all that energy it's a wonder we get anything done. But the truth is we all love what we do and we are stronger together than separately.
  • Professionally Stimulating - Stay with us long enough and you'll work on every version of ColdFusion back to version 5 (or at least you'll hear stories). We have large legacy codebase's that we maintain, as well as pure greenfield projects. We have mobile (lots and lots of mobile), Mura, FW/1, Home Grown, Model Glue, Mach II, Fusebox, ColdBox, and a box of crackers in the break room. We use MS SQL, Oracle, MySQL, and Sybase. We have apps using maps, apps using web services, apps using APIs and API's using our apps. If there's a "way to do a ColdFusion application" we have seen it, done it and probably maintained, refactored it and maybe invented it. So if you are a lover of programming, programming languages and ColdFusion in particular, you will love it here.
  • Interested in Balance - as noted above we are not looking for developers who are so entrenched in a technical life that they have no time for anything else. Professional developers with high productivity and high aptitude are above all balanced. They love ColdFusion and can't wait to code (most days) but they also love eating out, movies, spending time with their kids, going to the gym, cruises, photography, and vacations. We have found that the developer with a whole life (I mean balanced and full of loving relationships - not the insurance) is the one that fits our staff, communicates well, and thrives here at CFWT.
  • Fully Remote - If you live and work in the big City, let CF Webtools give you your life back! We offer full time remote work with benefits to developers in the U.S. If you are used to commuting this can put 2 hours back into your life, not to mention finally getting you off of Lipitor.

You might have noticed I'm a little over the top when it comes to my company and staff. But we believe in who we are and we are looking for folks who like it and want to be a part of it.


Here are the soft skills we are looking for.
  • Take ownership of a problem. This involves continuing to think about solutions and outcomes even when you think it's not your responsibility. Meeting the need and fixing the problem has to be center stage.
  • Think around all angles of a problem for all possible solutions. This involves considering details within and outside of your expertise moving up and down the tech stack.
  • Love the tech community as a place to engage and learn. I'm not glib about love. I believe and practice it!
  • Have evolved skills in an eclectic mix of technologies and like to learn new ones.
  • Explain technical concepts to non-technical folks. This is a core competency for us. You have to be relational with our customers.
  • Know how to honor non-technical people for their own skills and expertise. Also a core competency here. If we make fun of end users we are gentle about it. We respect and honor our customers.
  • Can laugh, chortle, guffaw and otherwise split a gut with a group of insanely funny people - without the need to put anyone down. Actually some of them are mostly just insane, but they all think they are funny.
  • Are anxious to be a part of a close knit team who encourages and believes in you.
And here are the Tech Skills:
  • Advanced ColdFusion - note, we will test you. We are looking for folks who know more than syntax on a web page. You should be well versed in the guts of complex ColdFusion application building. Also note, everything you do with regard to the test is being evaluated. That means not just the skills you portray but getting connected to the VPN, using the IDE, the kind of questions you ask and how you respond to feedback.
  • Advanced Database Skills - I don't mean you need to know how to build, manage and restore DBs. But you should know how to write a complex query and/or a stored procedure for one or more of the "big three" DB platforms.
  • Some diverse technology skills - we don't necessarily dictate what that is but we are looking for folks with a broad swath of skills. Right now knowing and developing in .NET, doing IOS/Droid development, Phonegap, Flex, AIR, or troubleshooting CF servers and server admin are skills might give you an edge in your application. But if you come to us with several skills that we don't need at the moment you would still be an attractive candidate.
For more info on what it takes to be a CFWT consultant check out my post on You Might be a Muse All-Star.

Frequently Asked Questions

  • Do you allow telecommuting? Yes all our development positions are full-time remote positions.
  • What sort of dev environment can I expect? We are an eclipse shop and rely on SVN, Jenkins, and an agile like approach to development. Having said that, as an outsource development company we frequently integrate with external teams. Yes, Windows and IIS will no doubt be in play for you at times.
  • What Industries are you working in? We have sites we develop and maintain in the Financial sector (stocks, options, commodities, retirement planning and management etc.), Tax planning, Civil Government, Insurance, Medical, Pharmaceutical, retail sales, real estate, etc. We have a very broad client list.
  • Will I get to meet the Muse? Of course, but it's probably not all it's cracked up to be.
  • Do you use frameworks? Yes - all of them all the way back to Fusebox 2. We work on new projects in common frameworks like Coldbox, FW/1 or DI/1, but we also support a host of legacy applications done on custom frameworks or with no framework at all. So get ready for multiple challenges.

We pay a competitive salary and benefits. CF Webtools maintains sites on virtually all ColdFusion and Database platforms with dev and qa servers and full SDLC. Our work is challenging, invigorating, sometimes frustrating, but rarely boring. Our development group is full of witty, interesting, overcommunicating and extremely talented developers. It's a true mentoring community. If that sounds like a place you would like to work (and you meet our high skill-set standards) send your resume to jobs@cfwebtools.com - or contact the Muse directly if you like. Tweet me @cfwebtools or use the "Ask a Muse" link on this blog (I'm easy to find). You can also call 402 408 3733 and ask for Mark or Jason - we'll be thrilled to speak with you about our opportunity. The official job posting may be found on our corporate site at the Job Openings page.

Rant

Not everyone is a good interviewee. That doesn't mean we discard you out of hand. We don't have a checklist of items that immediately cause us to strike you off the list. We expect you to be human. However... you should be an "advanced" developer capable of working with our team in a way that adds value. That means there are certain things that leave a bad taste in our mouth. Because the muse wants everyone to do well, I'm going to give you the keys to the kingdom in the following advice:

What does "Advanced" remote CF developer mean to the Muse and his team at CF Webtools? It means we won't have to hold your hand to:

  • Deal with hardware - We know that things happen, but we expect you to be able to solve your crashed drive or video card problem on your own.
  • Deal with VPN and networking - If you don't understand networking, you should get up to speed quickly. You can start by reading the stuff on ColdFusion Muse related to networking. Meanwhile we should never have to "suggest" that you "try pinging" to see what IP address is resolving, or ask you if you are "internal" or "external" to a network.
  • Deal with web servers and your local environment - Yes we know you are an "Apache" person. Congratulations we are all very proud. Meanwhile, the environment is usually dictated by the client and not by your faith your favorite stack. You should also know and be familiar with IIS. When I say familiar it means you will have installed IIS in at least a local environment, set up ColdFusion within IIS, and developed against it. Customers love windows even if you don't. Frankly, the Muse wonders about this hubbub.
  • Deal with your soapbox - While we are on the subject, we are really thrilled that you are a "Mac" person. We know it's flashy and sexy and fast and makes you giddy to have a new iWhateverTheLatestIs. However, you will likely be required to work within a windows environment at some point. The Muse, who has 9 or 10 computers including Apple's latest and greatest, likes and uses Windows. You don't get points from me when you elbow me with your inside anti-MS, Pro-Apple jokes, or when you put a dollar sign in Micro$oft. We expect enough maturity from you to realize that your opinion about technology is a very small part of an overall business effort. The same is true of your favorite source control - sometimes we use Git, sometimes SVN, Sometimes something else (it's client dependent).
  • Deal with your IDE issues - You are expected to know, use and learn CF Builder integrated with SVN or Git. We like integrated team environments. If you have another favorite IDE (sublime or whatever) that's great. You can even use it. But when we work with you we will expect to see CF Builder and we will expect you to be expert at it.
We spend a great deal of time in our "cultural interview" trying to tease out some of these unhelpful attitudes. So be forewarned - we want positive people who like others, like technology and understand the big picture. You now know everything you need to succeed should you choose to apply. Good luck!

Time for a CF_Change - CF Webtools Job Opening Dec. 2014

As happens every few months, CF Webtools is expanding yet again and looking for qualified advanced developers. We have a growing list of extremely challenging and projects and delightful customers (mostly delightful) that need our expert attention. What's it like working for CF Webtools?

  • It's not Boring - our staff is fun, engaging and mostly funny and entertaining. Among our eclectic group are golfers, motorcycle enthusiasts, belly dancers, photographers, gamers (shocking I know), fencers (as in touche'), rock climbers, fisherman, fireman, musicians, family people, single people (mostly hot), dog people, cat people, PC people and Mac people. We even have the mother of a fashion model. With all those outside activities how do we find the time for technology - but believe me we do! The truth is we all love what we do and we are stronger together than separately.
  • Professionally Stimulating - Stay with us long enough and you'll work on every version of ColdFusion back to version 5 (or at least you'll hear stories). We have large legacy codebase's that we maintain, as well as pure greenfield projects. We have mobile (lots and lots of mobile), Mura, FW/1, Home Grown, Model Glue, Mach II, Fusebox, ColdBox, and fantastic mind numbing home-grown frameworks that we all Loooove to work on. We use MS SQL, Oracle, MySQL, Couchbase, Mongo, and Sybase. We have apps using maps, apps using web services, apps using APIs and API's using our apps. If there's a "way to do a ColdFusion application" we have seen it, done it and probably maintained, refactored it and maybe invented it. So if you are a lover of programming, programming languages and ColdFusion in particular, you will love it here.
  • Interested in Balance - as noted above we are not looking for developers who are so entrenched in a technical life that they have no time for anything else. If your first life is so technical you are buried in a second life we may not be for you. Professional developers with high productivity and high aptitude are above all balanced. They love ColdFusion and can't wait to code (most days) but they also love eating out, movies, spending time with their kids, going to the gym, cruises, photography, and vacations. We have found that the developer with a whole life (I mean balanced and full of loving relationships - not the insurance) is the one that fits our culture, communicates well, and thrives here at CFWT. And believe me, culture is very important. Your CF skills have to be top-notch, but that's just Pay-to-play. We want someone who thrives on our staff.

I know you've come to expect nothing less than unmitigated hyperbole from the Muse, but it is a great place to work and we are thrilled to be able to employ so many talented and interesting developers and engineers.

Here's the Blurb. Do you:

[More]

ColdFusion and JVM Versions and SSLv3-TLS Security Magic

This is the second entry by Wil Genovese (Trunkful.com) in our effort to provide a complete picture of how CF, Various versions of JVMs and various versions of SSL all work together. Wil's previous article on Surviving Poodle detailed a blow by blow description of how to troubleshoot a system broken due to the upgrading of SSL. This article includes some detailed technical information as well as the results of some painstaking tests. It is our hope that it will serve as a guide. It represents yet another reason to insure that you are upgrading to the latest JVM and CF version. Take it away Wil:

[More]

Surviving Poodle - ColdFusion and SSL 3

There's been a great deal of buzz about poodle. Poodle is an SSL exploit capable of highjacking a session using a browser's ability to "negotiate downward" the level of SSL it uses. It's recent prolifieration has put some urgency into the efforts to force existing applications and platforms to deny the use of any standard of SSL less than version 3.0. Super guru Wil Genovese (Trunkful.com) recently did some troubleshooting on a ColdFusion server with an issue related to this necessary configuration step. Wil writes:

We ran into an issue when a company contacted us at CF Webtools because ColdFusion was suddenly no longer able to connect to their email providers mail servers. One day ColdFusion was sending emails to their clients just fine and the next day it was failing. As you know these issues are usually best resolved by asking "What changed?" As far as the client knew, nothing had changed - but we knew enough not to stop digging.

[More]

Side-by-side Configuration Error installing CF 11 on Win2008r2

One of my colleagues, Chris Tierney, was installing a pristine copy of ColdFusion 11 on a Windows 2008 server. He followed our standard protocol which is to install the server using the "built in" Web server, then create instances (we typically use multi-server mode) then use wsconfig.exe to connect the instances to IIS. It all went as planned until he tried to run wsconfig.exe (FYI - you must always run this as administrator). He got an error as follows:

java.io.IOException: Cannot run program "C:\Users\ADMINI~1.CFW\AppData\Local\Tem
p\2\\ExecuteAppCmd\ExecuteAppCmd.exe": CreateProcess error=14001, The applicatio
n has failed to start because its side-by-side configuration is incorrect.


Followed by an odd stack trace. After experimenting with permissions and googling he stumbled on Bug 3761543 in the ColdFusion bugbase. The issue is not very well documented. Apparently the MS C++ package installed on 08 is 32 bit. I'm not clear if we installed it or it shipped with 08, but remember, you need the MS C++ 64bit SP1 Redistributable. Here's the download link from Microsoft so you don't have to hunt it down.

The Fix

Microsoft Visual C++ 2008 SP1 Redistributable Package (x64)

One more time: This download fixes the "side-by-side configuration" when installing ColdFusion 11 on Windows 2008r2.

Business Referral - don't forget

A week ago, in my post, The Muse Has Cash... I started a new program to reward community members for leads. Thank you for all the input and for the many leads generated already. We really appreciate it and we'll make you proud! After a quarter or so I will report on the success of the program.

Meanwhile, a few have pointed out that the previous post is lengthy so I wanted to put up the "express checkout" version. It's simple, if you refer a lead to us (email cfleads@cfwebtools.com) that results in new business, we will pay back to you 8% of the gross revenue from that customer in the first 10 months of working with the customer. If the customer spends 10k with us, you make $800.00. Simple and easy. So hook the Muse up. We are looking for another record year!

Note: In the past the Muse has offered bonuses for referring developers to us. This program is for new business, not developers - although as always if you are looking for work send me your resume. We typically hire several times a year.

Running ColdFusion 10 in Distributed Mode

A recent discussion on CF-Talk had a member trying to find instructions for setting up ColdFusion in "Distributed mode" on a CF 11 server. If you have never heard of "distributed mode" you are not alone among CF developers. It's not a common setup in my experience. Here's a quick 101. Many processes and daemons on a given server communicate using the TCP stack. TCP provides a predictable, high capacity, mature protocol for piping requests and data in and out of server processes. In this case, IIS or Apache communicate with CF through the local loopback (localhost or 127.0.0.1) IP address and a port - usually 8012 (or 8013 or 8014) chosen at installation. Naturally you can alter the IP address to which you are connecting, changing it from the loopback to... well any IP that's listening on 8012. That means you can set up your ColdFusion servers separately from your web servers. After all it's just IP networking. Why would you do that? The Muse will let his guest handle that question.

Meanwhile, to preempt (or perhaps spur) discussion, the Muse will note that this process is similar to something called "Reverse proxy" which functions in much the same way. The difference being with CF distributed, IIS on the front end handles all the "http stuff" and passes the request to CF just like it was a local engine, whereas with reverse proxy the HTTP request is simply redirected to the alternate server. That means the alternate server needs to be a full webserver plus application server. While that increases the overhead a bit, it has some advantages - but that's a topic for a different post.

Back to our CF-Talk question, it quickly became apparent that not many folks actually knew how to accomplish this task on a CF 10 (or 11) server due to the underlying platform switch to Tomcat. After some back and forth Byron Mann chimed in with some very specific instructions on how to get this done. Byron is a lead engineer at HostMySite - which makes the Muse feel better about their ColdFusion support. :) Here's his tutorial.

[More]

Can't Save applicationHost.config?

In an email group I am in there was a problem brought to the floor regarding removing the wildcard mapping from the applicationHost.config file in IIS 7.5. This file resides in the system32/inetsrv/config directory of your windows server and it contains the defaults for all sites. The defaults can be overridden using a web.config file in the root directory of an individual site. The user in question was trying to manually uninstall the connectors for ColdFusion 9. After going through all the steps there was one thing he could not seem to get rid of - a wildcard mapping for the jrun_iis6.dll in the handler mappings of IIS. He went down the list of things he had done and we all agreed that each file and step was complete - including removing the "global" mapping for this handler from applicationHost.config. While we were puzzling super guru and CFCelebrity Charlie Arehart (he of CF 411 fame) reminded us of a "gotcha" that occurs with files in the system32 directory and subdirectories.

The scoop is, if you open the file using a 32bit editor (say Notepad++) from system32/inetsrv/Config Windows does the old switcheroo and opens the identical (but unused) file in the SysWoW64/inetsrv/Config directory. You are editing the wrong file and you don't even know it (wow! ... or maybe I should say Wow64!). As an aside, this poorly named directory, SysWoW64, stands for "Windows on Windows 64 bit" - meaning files in this directory are "old 32 bit" windows files running on this "64 bit" version of windows. Not only is that unclear, it makes the continued use of system32 confusing. Why not just use system32 and system64? Ah well, I digress.

The Fix

The long and short of it is, to make sure you are editing the correct file, use notepad (the 64bit version ships with the OS). To avoid mistakes, open notepad first as Administrator, then navigate to and open the file in the /system32 directory. If you don't you will pull out your hair trying to figure out why your changes won't take. For more information check out this blog post on the issue by Mike Ratcliffe.

As always Muse readers thanks for you patronage. Especially thanks to those of you who have begun to pass referrals to folks who may need us - we are riding high because of you.

The Muse has Cash and He's Not Afraid to Use It!

The hardest thing about running a ColdFusion development shop is getting in front of the people who might need your help. Thousands of companies could use the expertise we offer but it can be very difficult to approach them. In spite of our culture, our transparency, our chameleon-like flexibility, our unique reputation, our high competency and our focus on communication and productivity, CTO's and CIO's tend to lump CF Webtools in with the outsourcing crowd. That's just not who we are. The truth is, once we gain the ear of someone who needs us we have an amazing record at closing the deal and retaining the customer. We alleviate the pitfalls of ColdFusion (oh yes, there are pitfalls) and allow the benefits to shine. We simply bring too much to the table to ignore.

So that's the Gordian knot the Muse has been trying to unravel for the last 18 months or so as we have doubled and tripled in size. How do I get the name and reputation of my fantastic company in front of the folks who need us? I mean, besides a holocaust cloak ("...Then why wasn't it listed among our assets?") what do we have to work with? My executive team and I have spent a few weeks mulling this over and we have concluded that perhaps our greatest asset is our connection with developers within the ColdFusion Community.

The truth is that when a developer who has developed for a decision maker recommends us to that individual he or she is far more likely to listen and take our pitch seriously. After all, finding good ColdFusion talent is difficult. In our experience it is referrals that seal the deal. We began thinking, both the Muse and the CF Webtools staff tends to be engaged in user groups, forums, lists, and events focused on ColdFusion. Instead of dedicating a big chunk of money to a marketing budget (of dubious return) we had an epiphany. Why spend money on promotions and ads when the connection we need is right in front of our cfnose. Let's pay our friends in the community for their referrals.

The Big Plan

So our big plan is simple, we are going to generously reward any developer who refers a company to us that subsequently becomes a customer. The rules are simple. First, you need to be a part of the ColdFusion developer community. We are not looking to line the pockets of recruiters. But if you are in IT and work with ColdFusion you are a candidate. Finally your lead must result in a sale for you to get paid. In short, for forwarding a name to us you could get a check in the mail - that's it! Read on for the nitty gritty details.

[More]

IIS Vulnerability Steals Payment Information (By Wil Genovese - CFG)

Super guru Wil Genovese (Trunkful.com) is back to describe an IIS vulnerability that was inserted using a long-known (and patched) CF vulnerability. The Muse will make 2 points. First, if you are hit with this one call us! We will gladly put our shoulder to the wheel and help you dig out. Second, don't forget to patch your servers and keep up on the latest security news. No matter what your chosen platform you need to be vigilant and attentive. Take it away Wil.

First let me point out that the vulnerability that was found has a patch that has been available since January of 2013. So as the Muse said, patch your servers! I first read about this attack in a PC World article titled, PCWorld - Attackers exploited ColdFusion vulnerability to install Microsoft IIS malware. I spent hours reading all the linked websites and blog posts by the security researcher that discovered the IIS Malware (see this Trustwave post) trying in vain to learn the name of said DLL that gets installed, where it gets installed and how to detect the file(s). The few details I found were not completely useful. While I learned the behavior of the malware I never learned how to find the offending DLL or even the file name. I did discover that no existing anti-malware or anti-virus software would detect this rogue DLL. I repeated my futile search every few weeks to see if anything new was being reported.

Since knowing how to locate and expunge such things is part of my job I needed a way to find it, but how? I could search any of the servers at CF Webtools until the cows come home, but if none of them have been hit with this malware I will never find it. What I needed was a server that had been exploited to examine. Over the past year with the slightly larger than usual number of security holes discovered in ColdFusion we've had a few new clients come to us for help in patching and repairing servers. None of the IIS modules on those servers stood out to me as 'unusual', but I wasn't looking directly for this. Finally we had a company come to us for help with a breach.

[More]

Building a Robust Error Handler

If you have been around the ColdFusion world as long as the Muse you have heard of Mary Jo Sminkey. Mary Jo built a popular ColdFusion ecommerce platform called CFWebstore. She has vast experience in ColdFusion and a seemingly boundless fountain of energy. Her eclectic interests range from technology to baking to dog training. As far as CF Webtools and the Muse can tell, Mary Jo excels at everything she does. We frankly suspect she is actually twins or triplets pretending to be only one person :) The following article is by Mary Jo and details her approach to application specific error handling. She has a detailed and thorough knowledge of the topic. Using this approach she has been able to reduce the number of errors on a very high traffic E-commerce site to practically nil. In the first of 2 articles MJ (as we call her with great affection) details the structure and usage of the handler.

Building a Robust Error Handler (by Mary Jo Sminkey)

Let's face it, sometimes we put less effort into the error handler than into the rest of our code. We might put something in place that throws up a "user friendly" page, and maybe email a dump of the catch or error structure, but when the site goes live, and we are deluged with errors due to search bots, hack attempts and poorly coded pages we turn it off or send all those emails to a seldom-visited mailbox. Sometimes we implement error handling as cftry/cfcatch blocks that do little more than preventing errors from being thrown, instead of helping us track down the issue.

I look at the error handler as a way to help make a site as bug-free as possible. By having it email me as much information as possible about errors, I troubleshoot, fix and patch, and get to a point where errors are the exception rather than the rule. In this article, we'll look at building a single-page, comprehensive error handler. In a future article, we'll look at integrating that error handler with the open source bug tracker BugLogHQ. Before we begin with our error handler let's talk about our error handling strategy.

[More]

More Entries




Blog provided and hosted by CF Webtools. Blog Sofware by Ray Camden.