Blog

cbSecurity 2.4 Released

Luis Majano April 02, 2020

Spread the word

Luis Majano

April 02, 2020

Spread the word


Share your thoughts

We are excited to bring you another release for cbSecurity v2.4. This update gives you access to our cross site request forgery module: cbcsrf, which will enhance your securing abilities.

# Install
install cbsecurity

# Update
update cbsecurity

What's New With 2.4.0

This release adds the inclusion of the Cross Site Request Forgery module into cbsecurity: cbcsrf. You can find all the details about this module here: https://github.com/coldbox-modules/cbcsrf. Below are the major features of this module:

Features

  • Ability to generate security tokens based on your session
  • Automatic token rotation when leveraging cbauth login and logout operations
  • Ability to on-demand rotate all security tokens for specific users
  • Leverages cbStorages to store your tokens in CacheBox, which can be easily distributed and clustered
  • Ability to create multiple tokens via unique reference keys
  • Auto-verification interceptor that will verify all non-GET operations to ensure a security token is passed via rc or headers
  • Auto-sensing of integration testing so the verifier can allow testing calls
  • Token automatic rotation on specific time periods for enhance security
  • Helpers to automatically generate hidden fields for the token
  • Automatic generation endpoint that can be used for Ajax applications to request tokens for users

Add Your Comment

Recent Entries

Hackers demand a ransom to restore data from my ColdFusion web applications!

Hackers demand a ransom to restore data from my ColdFusion web applications!

Hackers demand a ransom to restore data from my ColdFusion web applications!

Unfortunately, we often hear this message from clients who thought it would never happen to them... until it did. Some believed they could delay the expense of Implementing ColdFusion security best practices for one year, while others were tempted to put it off for just a few months. However, in today's rapidly evolving digital landscape, the security of web applications, including ColdFusio...

Cristobal Escobar
Cristobal Escobar
April 16, 2024
Ortus March Newsletter

Ortus March Newsletter

Welcome to Ortus Solutions’ monthly roundup, where we're thrilled to showcase cutting-edge advancements, product updates, and exciting events! Join us as we delve into the latest innovations shaping the future of technology.

Maria Jose Herrera
Maria Jose Herrera
April 01, 2024
Into the Box 2024 Last Early Bird Days!

Into the Box 2024 Last Early Bird Days!

Time is ticking, with less than 60 days remaining until the excitement of Into the Box 2024 unfolds! Don't let this golden opportunity slip away; our exclusive Early Bird Pricing is here for a limited time only, available until March 31st. Why wait? Secure your seat now and take advantage of this steal!

Maria Jose Herrera
Maria Jose Herrera
March 20, 2024