I saw this on Twitter this morning:
and at first I thought it was about McCain/Palin vs. Obama/Biden. Then I remembered LHC. Yay, we’re all still here!
This has been an issue for a long time, but the past few weeks, we’ve started to see some automated attacks against ColdFusion sites trying to inject rogue SQL via forms and other parameters. Ugh. I’ve been working with a great piece of code called Portcullis, but it has a few rough edges that make it hard to deploy. Here’s my application.cfm, in case it’s useful for anybody else fighting this:
<cftry>
<cfif isdefined("application.Portcullis") eq false or isdefined("url.reset")>
<cfset application.Portcullis = createObject("component","com.fusionlink.Portcullis").init()/>
</cfif>
<cfset application.Portcullis.scan(url,"url",cgi.remote_addr)>
<cfset application.Portcullis.scan(form,"form",cgi.remote_addr)>
<cfset application.Portcullis.scan(cookie,"cookie",cgi.remote_addr)>
<cfif application.Portcullis.isBlocked(cgi.remote_addr) eq true>
Sorry, there was an error detected.
<cfmail from="you@you.com"
to="you@you.com"
subject="SEI Portcullis: User Blocked" type="html">
<cfdump var="#cgi#"/>
</cfmail>
<cfabort/>
</cfif>
<cfcatch type="any">
<cfmail from="you@you.com"
to="you@you.com"
subject="SEI Portcullis Threw Exception" type="html">
<a href="http://#CGI.SERVER_NAME##CGI.SCRIPT_NAME#?#CGI.QUERY_STRING#">Page URL</a>
#cfcatch.message#
detail: #cfcatch.Detail# <br />
<cfif IsDefined("cfcatch.SQLState")>
sqlstate: #cfcatch.SQLState# <br />
</cfif>
type: #cfcatch.type# <br />
<cfdump var="#cgi#"/>
</cfmail>
</cfcatch>
</cftry>
We got up at 3:30am for our flight to Baltimore, and made it to the airport in time to pick up a latte and drink half of it before remembering that security wouldn’t let us on with it. Oops, been a while since we’ve flown!
Tepring’s sister, Sharon, picked us up and we headed to DC for the rehearsal of John Williams and The President’s Own Marine Band. We were able to get in because Sharon’s husband works for the band.
The next three hours were an amazing preview of the concert we’ll go to Sunday evening. The traditionally orchestral pieces have been re-orchestrated for band, and Mr. Williams was often surprised how well it worked. Part of that is that this is perhaps the best band anywhere, though!
During the concert, we had full scores to follow, which made the rehearsal more interesting for the four of us huddled around the music stand.
Afterward, we waited while the band staff met Mr. Williams, and Ted was able to get a couple of autographs. Amazing day so far!
We had sushi at Sharon and Ted’s favorite place in Annapolis and got to bed early. 3:30am was a long time ago!
I’ve gotten a lot of grief from family & friends about waiting 6 hours in line for the iPhone. But now that the sunburn has subsided, I keep finding reasons that it was worth the hassle. So, here are my 9 reasons the iPhone is Crazy Good: Continue Reading ->
Nah, nobody would wait 6 hours in line for an iPhone. Least of all me. I’m no Apple FanBoy(tm), have a nice Windows Mobile phone, and am on crutches. So it makes no sense at all that I’d wait 6 hours in line for an iPhone.
But I did. Continue Reading ->
I broke my foot a while back, and finally went to the doctor mumble-16-mumble months later, who confirmed that a tiny little cesamoid bone is broken. They’re apparently a nightmare to heal, so I got a bone stimulator, which seems to have helped. Tried 4 weeks on an air cast walking boot thingie, but it didn’t help, so I’ve been on crutches for the past 3 weeks.
Anyhow, it seems to finally be healing, so I’m thrilled about that. Hoping it’ll be in good shape for Estes Park, CO in August, and maybe D.C. before that.
This is a picture I took 6/28/2008, of Jupiter.
This is a stack of 10 frames, produced and stacked in k3ccdtools, with our Celestron NexStar 130 SLT and a Logitech QuickCam with a bare CCD inserted as the eyepiece. Skies were messy, and my focus wasn’t quite right. Collimation is probably also off.
Just a quick pic from a webcam session with our telescope from a while back. I’m getting back into the planetary and lunar imaging these days.
One of the things I love about AdWords is that it tends to give me information I need to make good choices. I just looked at an ad campaign a client originally set up a year ago, and it’s done pretty badly for them over time. They seem to have good keywords, and the landing page was chosen reasonably well, but they’re still not getting many conversions.
The culprit? Bad ad text. Continue Reading ->
Today, we’re going to talk about AdWords keywords, and how to set them up so you get more value than the vanilla Google setup would give you. From Part 1, let me reiterate that you need each Ad Group to focus on one phrase, and that phrase needs to have its own custom ads and a specific page on your site.
So, once you’ve got the above, what can you do with keywords? Google lets you target phrases 4 ways: Continue Reading ->
I've got a new tool & book available for advertisers who want to move from losing money to making money with AdWords. Check it out!
I'm a web developer, SEO and PPC guy in the midwest. Thanks for stopping by, and I hope you find some useful info! You can follow me on Twitter @gcrocker.
