The FuseGuard Web Application Firewall for ColdFusion & CFML is a high performance, customizable engine that blocks various attacks against your ColdFusion applications.
Getting Started with FuseGuard
It takes only 10 minutes to get started.
- Copy the
fusegaurdfolder on to your server
- Edit the configuration file to determine which types of attacks you want to block or log.
- Add a few lines of code we supply to your
How does FuseGuard work?
FuseGuard inspects requests before your CFML executes (typically in
onRequestStart of an
Application.cfc). If FuseGuard is able to determine that the request is malicious it will log or block the request from continueing execution.
FuseGuard looks for several types of malicious requests including:
- Malicious File Uploads
- Cross Site Scripting / XSS
- SQL Injection
- Session Hijacking
- Cross Site Request Forgery
- CRLF Injection
- Path Traversal Attacks
- Null Byte Injection
- Password Dictionary Attacks
Note: although web application firewalls like FuseGuard can block many types of malicious requests it is impossible to acheive 100% security. We strongly enoucrage you to review your code for security vulnerabilities & remediate them in the source code.
We support the FuseGuard on the following CFML engines:
- Adobe ColdFusion 8, 9, 10, 11 or 2016
- Lucee 4.5 & Lucee 5
- Railo 4
Using a database for logging is not required (you can log to file or email), we currently support these database platforms:
- MySQL 4 or Greater
- Microsoft SQL Server 7 or Greater
- Apache Derby (Included in CF8 or Greater, script for creating DB and Datasource Included)
FuseGuard should also work on most shared hosting environments.
There are three standard licensing options, however if you have a licensing need that doesn't fit within our model we would be happy to work out a custom quote.
- Application License $349/application - This license allows you to use the firewall on one web application on one server. An Application is defined as a collection of CFML code which runs off of a single Application.cfc or Application.cfm file.
- Server License $999/server - Allows you to use the firewall on an unlimited number of Applications residing on ONE physical server. The physical server may contain multiple J2EE server instances, and multiple virtualized operating systems.
- Enterprise License $7999/unlimited - Software may be used on multiple physical servers, and applications within the same organization located in the same country.
- Clustered License - For Applications that are clustered or behind a load balancer. Contact Us for details and pricing.
- Cloud License - For Applications that run on a number of servers that changes dynamically. Contact Us for details and pricing.
Here are some frequently asked licensing questions:
Can I upgrade my Application License to a Server License?
Yes, you can upgrade for the difference in price, $650. Add to Cart
Does the Server license cover multiple ColdFusion instances?
Yes, the server license covers an unlimited number of FuseGuard instances on the same physical server. This includes multiple Applications within a single ColdFusion instance, multiple applications on multiple instances of ColdFusion (on the same physcial server), and multiple instances of ColdFusion on multiple virtualized servers (running from the same physical host computer)
What constitutes an Application?
An application is defined as a single Application scope. If you have multiple Application.cfc/cfm files that all share the same application scope, they are considered to be a single Application. If you have a special scenario, please contact us and we'll let you know.
Do I need to purchase licenses for Development, Staging, Testing Servers?
No, a single FuseGuard license may be used on unlimited non-production servers, including development, staging, testing / qa, backup, hot-standby.
Customizable & Configurable
Because the firewall is written in ColdFusion, you will find it very easy to extend, and configure. Other firewalls have domain specific languages you need to learn in order to configure them properly. You already use CFML why not use that to configure your WAF.
You can also write your own custom filter in CFML that runs inside the firewall.
Other Security Products & Services
- CFML Security Checklist Included Free with FuseGuard Purchase
- ColdFusion Security Consulting
- HackMyCF - A Service that checks your ColdFusion server for remote vulnerabilites
ColdFusion is a trademark of Adobe Systems Incorporated.