Blog

The Security Module

ColdBox MVC, Modules, Tutorials
Curt Gratz February 16, 2015

Spread the word

Curt Gratz

February 16, 2015

Spread the word

Share your thoughts

Ortus Solutions

Looking to secure your ColdBox application?  The Security Module can be your security rules engine for your application.  It provides flexible options to rules based security for you to use.

We have often talked about how a module can be either complex or as simple as an interceptor.  Our Security Module is basically just an interceptor that gets registered in your application to enforce rules you define.  Installing it is easy using CommandBox run the following command

box install cbsecurity

The module will register a security interceptor with empty rules for you.  You can update the security rules included in the `config` folder or comment the interceptor out and just add it to your main application or necessary modules using the mapping it creates for you.

The full documentation for the security interceptor can be found at

http://wiki.coldbox.org/wiki/Security.cfm​ 

Feel free to take advantage of this module to help your secure your application and take care of some of the boiler plate work for you. 

Add Your Comment

Recent Entries

Introducing the BoxLang Spring Boot Starter: Dynamic JVM Templating for Spring

Introducing the BoxLang Spring Boot Starter: Dynamic JVM Templating for Spring

Spring Boot developers know the pain of evaluating view technologies. Thymeleaf is great — until you need more expressiveness. FreeMarker is powerful — until the syntax fights you. What if you could write templates in a dynamic JVM language that gives you the full power of the platform, feels natural, and requires zero setup to integrate?

Meet the BoxLang Spring Boot Starter.

Luis Majano
Luis Majano
March 13, 2026
Why Swiss Banks Are Modernizing CFML Platforms Without Rewrites

Why Swiss Banks Are Modernizing CFML Platforms Without Rewrites

The growing need to evolve legacy financial platforms safely

Many Swiss banks and financial institutions still operate important systems built on ColdFusion and CFML platforms.

These systems manage a wide range of functions, including:

  • internal banking workflows
  • reporting systems
  • client portals
  • data integration platforms
  • compliance and risk management tools

In many cases, thes...

Cristobal Escobar
Cristobal Escobar
March 13, 2026
Reactive vs Proactive ColdFusion Support: Why Waiting for an Outage Is the Most Expensive Strategy

Reactive vs Proactive ColdFusion Support: Why Waiting for an Outage Is the Most Expensive Strategy

Many ColdFusion environments operate in a reactive mode without realizing it.

Everything seems fine… until something breaks.

A server crashes.

Performance drops suddenly.

An integration stops working.

A security audit reveals missing patches.

At that point the response is urgent:

“Can someone help us fix this now?”

Emergency support is sometimes unavoidable. But when reactive intervention becomes the norm, it usually means something deep...

Cristobal Escobar
Cristobal Escobar
March 12, 2026