Welcome back!

We thank the user community for your patience during our brief outage.  In an effort to improve our service we recently moved ColdFusion Blog to WordPress based Adobe blogs. Unfortunately, during the transition we encountered some technical issues and apologize for the delay.

We look forward to working with you on this new platform.

Sincerely,

The ColdFusion Team

ColdFusion 10 “Core Support” ends in May 2017

I made a post last week regarding this and now would like to pass this on to wider audience, as well.

The “Core Support” for ColdFusion 10 ends on May 16, 2017. That means, no more Security patches/updates by Adobe for this version of ColdFusion after mid of May 2017. The detailed timelines are mentioned here in the EOL Matrix.

What is Core Support then? Core support is the time frame wherein the product and the support programs are available. This provides, five years of product support from the general availability date of a product.

General availability  is the date when the product and the support programs are announced and available for purchase.

Extended support provides an additional two years of Platinum Maintenance and Support services after the end of Core Support. Extended Maintenance and Support provides the extra time you may need, to plan your migration to Adobe’s latest technology. Here is the source.

So, if you are on version 10 or prior then, its the correct time for you to upgrade. This will ensure your eligibility of getting Security updates and patches timely from Adobe, for the supported versions of ColdFusion, as and when released.

ColdFusion 11 Migration Guide

We are happy to announce the
first release of Migration Guide for ColdFusion 11. This guide will help you,
to migrate your ColdFusion 9 and ColdFusion 10 servers to ColdFusion 11
seamlessly. This guide also gives a fair overview for migration of legacy
servers to the most recent and supported versions. This helps you understand
the various phases of migration, along with, how to use Code Analyzer. The Code
Analyzer reviews the CFML pages that you specify and informs you of any
potential compatibility issues and ensures a smooth migration.

We also tried to cover, few of
the common migration issues and possible solutions.

Here is the link to ColdFusion 11 Migration Guide and don’t
forget to visit the “Help and tutorials” section inside the guide.

We are open for your suggestions
and feedback.

Setting up ColdFusion Builder 3 with a remote server

I wish everyone a very happy and prosperous new year. Here comes the first blog post for the year 2015, on ColdFusion Buider 3. A user came across our Mobile Application Development Contest blog and was trying to develop his application using ColdFusion Builder 3, but he wasn’t able to setup a connection between ColdFusion 11 and ColdFusion Builder 3.  He was trying to create a “Remote Server” connection between ColdFusion Builder 3 and ColdFusion 11, installed on separate servers (distributed setup). 

Here are the steps that will help you setup a remote host with ColdFusion Builder:-

1.     Launch ColdFusion Builder 3 and choose your workspace.

2.     Right-click on the “CF Servers” view and select Add Server

3.    Select “New server configuration” and click “OK”. You can choose “Import configurations from RDS server”, in case you have RDS server setup already and want to use existing server information.

CF Server

4.     If you can’t locate the CF Servers, then, follow the screenshot below, to enable it.

CF Server alternate

Refer to Add a remote server and fill in the details for your server.

5.     General Settings

a)     Server Name: ColdFusion server name.

b)     Description: (optional) Description of the server.

c)     Application Server: Select the drop-down list and select CF+ Tomcat Bundle (for CF10/CF11)

d)     Host Name: Name of the remote server host.

e)     Select: Is Remote.

Note: When you enter a Host Name other than localhost or 127.0.0.1, Is Remote is automatically selected.

f)     Webserver Port: Specify the port number of the remote ColdFusion server instance you are configuring. You can refer server.xml for the same at ColdFusion11cfusionruntimeconf.

g)     RDS User Name: (optional) if you are using RDS, specify the RDS user name.

h)      RDS Password: (optional) Specify the RDS password.

General Settings

Click Next to move to the next screen.

6.     Remote Server Settings

a)     User Name: Specify the CF Admin username.

b)     Password: Specify the CF Admin password.

Remote Server Settings

Click Next to move to the next screen.

7.     Install Extensions

Select Install Extensions to install the extensions that are packaged with ColdFusion Builder.

a)     Browse and select the ColdFusion web root location.

b)     Browse and select the ColdFusion web root location on the remote ColdFusion server.

c)     Browse to a location within the web root to install the extensions. The extensions are installed in the Extensions directory within the selected location.

Install Extensions

8.    Click Finish to add the remote ColdFusion server instance. You can right-click on the remote server and access the ColdFusion Administrator of the remote server.

Launch CF Admin

This blog post talks about, the minimal settings required to setup a remote server for CF Builder. You can skip the Install Extensions section as well.

Note: – While configuring the remote server in CF Builder, ensure that, you are able to access/ping the remote ColdFusion server outside builder. You can probably, access the remote CF Admin in the browser, for e.g. http://ip:port/CFIDE/Administrator/index.cfm and ensure connectivity.

 

 

How we solved a connector issue after ColdFusion 11 Update 1

ColdFusion 11 update 1 was
out and blogged about here.
It included the fixes listed in the technote, out of
which two (Bug#
3777189
& Bug#
3758172
) were related to IIS. We would like to share one of our Customer
experience and how we solved a connector issue after applying Update 1 in
ColdFusion 11.

The Challenge

Recently we were contacted by a customer from a larger organization, who wanted the IIS fixes. They weren’t aware about the release
of Update 1. Once we told them, they tried to apply the Update 1, but had
issues with it. We suggested them the alternatives that can
be used when there is a problem with direct application of the hotfix. The
update was installed successfully and was confirmed from ‘Settings Summary
page in the CF Administrator. The next step was to reconfigure the connector. The
moment connector was re-configured, all the sites went down. There were
approximately 15-20 sites configured with ColdFusion and the entire production
went down. We checked the update logs and they were clean. The error reported
was “Error 403 Access Forbidden
across all the sites.

The Solution

We tested the non CFM sites, and they
were functional. Only the ColdFusion based sites were giving the forbidden
errors. Thus we inferred that, the issue is either with ColdFusion or the connector
configuration. We enabled the internet port for ColdFusion and there we go, it
worked. This meant, ColdFusion was also working perfectly, but somewhere the
connector broke. Even after trying all the ColdFusion based troubleshooting
steps, basic windows troubleshooting, permissions check, ColdFusion logs etc.,
we were unable to fix the issue.

Then we decided to compare the
settings with one of the development servers they had. And bingo, we found the root
cause of the 403 error. “worker.cfusion.secret=yourSecret” was added by them in
their {cf.home}/config/wsconfig/[magic number]/workers.properties as a part of connector shared secret setting. This
is a part of ColdFusion
11 Lockdown Guide
 procedure. When the connector was re-configured, the
previous settings with configuration information were erased. But the
corresponding entry in the {cf.instance.home}/runtime/conf/server.xml was still
looking for the related entry in workers.properties and thus was throwing error.

The Result

Once the setting was updated, all the
sites were up and running in seconds. The customer was very happy, as their sites were back on production. If the connector needs to be
reconfigured, we have to first remove it and then re-configure it. Connector removal
means, the changes made by the user will be lost. When the user re-configures
the connector thereafter, we don’t have any means to identify what configuration
settings they previously had.

The Recommendation

Before
you re-configure the connector, we strongly recommend the following:

Ø  Back up all connector configuration files. Connector
configuration files are available at {cf.home}/config/wsconfig/

 

Note: The same has also been
mentioned in the ColdFusion 11 Lockdown Guide as well.

Unable to apply ColdFusion 11 Update 1

Recently ColdFusion 11 update 1 was out and blogged here.
The technote
lists the bug fixes included in this specific update.

In case you are unable to apply the update directly from the
ColdFusion Admin, here are some tweaks you can try:-

Start ColdFusion from
command line and apply the update

  1. Stop ColdFusion service or ‘ColdFusion 11 Application Server’
    service.
  2. Launch command prompt with “Run as Administrator” feature.
  3. Navigate to ColdFusion11cfusionbin
  4. Type cfstart.bat and hit enter.

Once the server startup message appears on the prompt,
navigate to ColdFusion Admin and apply the update.

Apply the update manually

Download the hotfix from here
and then you can follow the instructions
to apply the update.

Apply the “Service
startup fix” first and then update 1

  1. In case the above two suggestions doesn’t work, then first apply
    the service startup hotfix hf1100-3776060 and then Update 1.
  2. Download the hotfix from hf1100-3776060.jar
  3. Place this hotfix at ColdFusion11cfusionlibupdates
  4. Restart the ‘ColdFusion 11 Application Service’.
  5. Navigate to ColdFusion Admin and apply the update.

Note: The above cases are based upon user scenarios/environments.
All the other updates should be applied via the ColdFusion Administrator
directly.

ColdFusion 11 IIS Connector Tuning

Connector tuning is an essential part of setting up a ColdFusion server. There are various configurations in connector that needs to be tuned. Incorrect values may lead to “Service Unavailable” or “Server too busy”. In this blog, we will discuss how to handle such errors caused by incorrect tuning and how to tune the connectors for the site correctly.

The connector setting may vary from site to site. It is very important to configure the connectors for your application appropriately. This blog will include connector tuning parameters for IIS. During installation, user can choose to configure connector for “Individual Site” or “ALL” sites in IIS connector configuration.

Configure Web Server

After the installation, the user can launch the “Web Server Configuration tool” and has the availability to create the connector for “Individual Site” or “ALL” sites in IIS.

Add Web Server configuration

When connector is configured with individual sites, separate connector for each site will be placed under {CF-Home}/config/wsconfig/{some no}/. Similarly for “ALL” configuration the connector is configured at global level, which means the same connector binary will be used across multiple sites.

The three most important parameters will be discussed here and will help us to understand the role of the same:-

  • Reuse Connections
  • Connection pool size
  • Connection pool timeout

Re-use connections: – This setting determines the count of connections that can be re-used. When Tomcat connector makes a connection with Tomcat server, it does not closes the connection even after it finished serving the request. Instead it keeps the connection active, so that for the next request, the same connection can be re-used. This increases the performance by minimizing the overhead of creating new connection with tomcat server for every request. This settings needs to be tuned for connector configured with multiple sites. The max value for the re-use connection is determined based on the number of sites configured with same CF server and the load on each site.

The default re-use connection is 250.

Connection pool size: – This setting determines the maximum number of connections that can be created in the connection pool. When multiple requests arrive to the connector from IIS, connector creates new connections in the connection pool only if there are no free connections available in the pool. The connector will not create a new connection if connections reach the connection pool size limit. When connector is configured with “ALL” sites, the same connection pool will be used to serve the request for all sites. So the default value of the connection pool size, works well with the single site configuration, but fails to work well with “ALL” site configuration in some scenarios. Hence this value should be increased carefully based on the need and number of sites that are present within IIS.

The default connection pool size is same as, which is 250.

Connection pool timeout: – This setting determines the timeout value (in seconds) for idle connections in connection pool. This value must be in sync with the connectionTimeout attribute of your AJP connector in Tomcat's server.xml.

The default timeout for connection is indefinite, if not set in server.xml explicitly.

There are other parameters which CF connector inherits from Tomcat AJP connector. Please find the details of those settings from AJP documentation (http://tomcat.apache.org/connectors-doc/reference/workers.html)

The worker.properties is available at {CF-Home}/config/wsconfig/{some no}/ and the server.xml can be found at {CF-Home}/cfusion/runtime/conf/. Below are the changes required to tune the Site:-

  • Open the worker.properties file, add below line as new entry worker.cfusion.connection_pool_size=500 (This is connection pool size inside connector which are available to handle request)
  • Tune the entry for max_reuse_connections to appropriate value based on number of site. Optimal value is connection_pool_size / {no of site}
  •  Add another entry in new line worker.cfusion.connection_pool_timeout=60 (This value is idle connection timeout (in seconds), when sites are not under load connections will be recycled back to IIS)
  • Now open the server.xml from {cf-home/cfusion/runtime/conf}, add/update the maxThreads=500 and connectionTimeout="60000" to connection node containing the AJP entry.
    <Connector port="8012" protocol="AJP/1.3" redirectPort="8445" tomcatAuthentication="false"/>

  • Now the AJP entry in server.xml should look like 
    <Connector port="8012" protocol="AJP/1.3" redirectPort="8445" tomcatAuthentication="false" maxThreads="500" connectionTimeout ="60000"> </Connector>

 

 

 

There can be multiple use cases. Let us consider three most widely used scenarios:-

  •  Connector created with “ALL” OR with “Individual” Site and single site in IIS
  • Connector created with “ALL” and multiple sites in IIS
  • Connector created with “Individual” site and multiple sites site in IIS

 

 

Use Case# 1: Connector created with “ALL” OR with “Individual” Site and single site in IIS

In an idle scenario, where the user has only one site (configured with ALL or individual connector) and not running under high load, the worker.properties, can look like this

worker.list=cfusion

worker.cfusion.type=ajp13

worker.cfusion.host=localhost

worker.cfusion.port=8012

worker.cfusion.max_reuse_connections=250

worker.cfusion.connection_pool_size=500

worker.cfusion.connection_pool_timeout=60

And server.xml should look like

<Connector port="8012" protocol="AJP/1.3" redirectPort="8445" tomcatAuthentication="false" maxThreads="500" connectionTimeout ="60000"> </Connector>

So, we added the connection_pool_size and connection_pool_timeout (in seconds) in the worker.properties. The corresponding connectionTimeout (in milliseconds) is added to server.xml along with maxThreads whose value is equivalent to the connection_pool_size in the worker.properties.

Use Case# 2: Connector created with “ALL” and multiple sites in IIS

Consider a scenario that the connector is created with “ALL” and there is only one site which is running under load. The default 250 re-use connections are utilized by site 1. Later on, the user adds another site in IIS.

Site 1 will make all 250 re-usable connections with ColdFusion and any request for new connection from site 2 will be ignored by ColdFusion. Hence it is required, to increase the re-use connection count to optimal value, so that site 2 does not starve for new connections. This can be achieved by configuring optimal value of max_reuse_connections count. Considering that the site 2 is not running under high load, 100 re-use connection will work. So the max_reuse_connections becomes 350 {250 (for site 1) + 100 (for site 2)}. But, it is a good practice, to start tuning the connection_pool_size first, and then the max_reuse_connections appropriately.

This case would require connection_pool_size=700, as max_reuse_connections= connection_pool_size / {no of site}. So, the worker.properties will look like this

worker.list=cfusion

worker.cfusion.type=ajp13

worker.cfusion.host=localhost

worker.cfusion.port=8012

worker.cfusion.max_reuse_connections=350

worker.cfusion.connection_pool_size=600

worker.cfusion.connection_pool_timeout=60

And server.xml should look like

<Connector port="8012" protocol="AJP/1.3" redirectPort="8445" tomcatAuthentication="false" maxThreads="700" connectionTimeout ="60000"> </Connector>

Note: The connectionTimeout is in milliseconds

Use Case# 3: Connector created with “Individual” site and multiple sites site in IIS

Consider a scenario that the individual connectors are created for each site. There are three sites – Site 1 is running under high load, site 2 and site 3 running are under low load. For all the sites, there are individual connectors. Now, ideally in this scenario, we should start tuning with the site running under high load first. We can disable the timeout for high traffic sites, if we are not sure for timeout. If not defined, the default timeout for connection is indefinite. To start with, don’t specify the re-use parameter. Set the connection_pool_size=500 and monitor the site. Gradually increase the value by 100 and likewise, till the site is stable. Say, at connection_pool_size=800, the site is stable. Now, set the max_reuse_connections=270 (connection_pool_size / {no of site} i.e. 800/3=270 approx)

Site 1

worker.list=cfusion

worker.cfusion.type=ajp13

worker.cfusion.host=localhost

worker.cfusion.port=8012

worker.cfusion.max_reuse_connections=270

worker.cfusion.connection_pool_size=800

worker.cfusion.connection_pool_timeout=60

Site 2 and site 3 are running under low traffic, but are bind to same ColdFusion instance (cfusion in this case). The below settings should be optimal:-

Site 2

worker.list=cfusion

worker.cfusion.type=ajp13

worker.cfusion.host=localhost

worker.cfusion.port=8012

worker.cfusion.max_reuse_connections=100

worker.cfusion.connection_pool_size=250

worker.cfusion.connection_pool_timeout=60

Site 3

worker.list=cfusion

worker.cfusion.type=ajp13

worker.cfusion.host=localhost

worker.cfusion.port=8012

worker.cfusion.max_reuse_connections=100

worker.cfusion.connection_pool_size=250

worker.cfusion.connection_pool_timeout=60

And server.xml should look like

<Connector port="8012" protocol="AJP/1.3" redirectPort="8445" tomcatAuthentication="false" maxThreads="1300" connectionTimeout ="60000"> </Connector>

Note: The connectionTimeout is in milliseconds and the maxThreads is the value equivalent to summation of all the connection_pool_size(s). So, in this case maxThreads=1300 {800 (for site 1) + 250 (for site 2) + 250 (for site 3)}.

Some key points to remember:-

  • The connector tool should always run with “Run as Administrator” feature, even if the user is from the Administrator group i.e.

    Using the command line:-

    Connector Tool cmd

    Using the GUI

    Connector Tool gui
     

  • Any changes made to {CF-Home}/config/wsconfig/{some no}/, including isapi_redirect.dll or worker.properties, would require an IIS restart.
  • Any changes made to {CF-Home}/cfusion/runtime/conf/server.xml requires “ColdFusion 11 Application Server” service restart.
  • max_reuse_connections should always be less than or equivalent to connection_pool_size. It can’t be larger than the connection_pool_size.
  • The above use cases are scenario based and may vary from site to site, depending upon the load, architecture and traffic on the site.