ColdFusion Security by Foundeo


The FuseGuard Web Application Firewall for ColdFusion & CFML is a high performance, customizable engine that blocks various attacks against your ColdFusion applications.

Latest Version: 3.6.0 (change log) Released 2024-02-21

FuseGuard Server License

$48 / month / server

Billed Annually


FuseGuard Enterprise License

$450 / month

Billed Annually


How does FuseGuard work?

FuseGuard inspects requests before your CFML executes (typically in onRequestStart of an Application.cfc). If FuseGuard is able to determine that the request is malicious it will log or block the request from continueing execution.

FuseGuard blocks malicious requests

FuseGuard looks for several types of malicious requests including:

Note: Although web application firewalls like FuseGuard can block many types of malicious requests it is impossible for any product to block 100% of all security threats. The best defense has many layers. We strongly encourage you to review and scan your code for security vulnerabilities & remediate them in the source code. We offer ColdFusion Security Training, and ColdFusion Security Consulting services to our clients. You should also ensure that your server is installed and configured according to the ColdFusion Lockdown Guide.

Getting Started with FuseGuard

You can start logging or blocking malicious requests in less than 10 minutes.

  1. Request a free trial
  2. Copy the fuseguard folder on to your server
  3. Add a few lines of code we supply to your Application.cfm or Application.cfc file
  4. Configure to determine which types of attacks you want to block or log.

System Requirements

FuseGuard can run on the following CFML engines:

Note: Even though FuseGuard works on older versions of ColdFusion or Lucee using a version that is no longer supported or patched by the vendor is not recommended.

Using a database for logging is not required (you can log to file or email), we currently support these database platforms:


There are two standard licensing options, however if you have a licensing need that doesn't fit within our model we would be happy to work out a custom quote.

Note: the subscription license entitles you to the latest version of FuseGuard as long as your license is current.

Frequently Asked Licensing Questions

Does the Server license cover multiple ColdFusion instances?

Yes, the server license covers an unlimited number of FuseGuard instances on the same physical server. This includes multiple Applications within a single ColdFusion instance, multiple applications on multiple instances of ColdFusion (on the same physcial server), and multiple instances of ColdFusion on multiple virtualized servers (running from the same physical host computer)

Do I need to purchase licenses for Development, Staging, Testing Servers?

No, a single FuseGuard license may be used on unlimited non-production servers, including development, staging, testing / qa, backup, hot-standby.

Is FuseGuard version 2.x still supported?

FuseGuard version 2 will be supported until January 1, 2020. After January 1, 2020 no further updates will be made to the FuseGuard 2.x version. You must purchase version 3 to get future updates.

Customizable & Configurable

Because the firewall is written in ColdFusion, you will find it very easy to extend, and configure. Other firewalls may have domain specific languages you need to learn in order to configure them properly. You already use CFML why not use that to configure your WAF.

You can also write your own custom filter in CFML that runs inside the firewall.

Checkout the Documentation and CFC API Reference

Other Security Products & Services

You can get Fixinator and HackMyCF along with FuseGuard in one package called the Foundeo Continuous Security Bundle.

ColdFusion is a trademark of Adobe Systems Incorporated.