ColdFusion

Good morning, and happy Friday to all!   I have been searching, without success, to locate an authoritative document that spells out (in English), the method by which the CORRECT NUMBER of ColdFusion Enterprise licenses is determined.  My job is on the acquisition side, not the technical side.

I'm trying to do a manual install of CF2023 update 15 and I know I'm doing something wrong because the packages aren't getting installed. I downloaded hotfix-packages-cf2023-015-330825.zip and unzipped it to directory /appl/CF2023-15-installer/bundles/.  I updated /appl/ColdFusion2023/cfusion/lib/neo_updates.xml with<packagesurl>/appl/CF2023-15-installer/bundles/bundlesdependency.json</packagesurl>I ran the upgrade (which appears to be successful) using/appl/ColdFusion2023/jre/bin/java -jar /appl/CF2023-15-installer/bundles/updateinstallers/hotfix-015-330825.jar In coldfusion-out.log i'm gettingSep 4, 2025 20:40:38 PM Error [main] - Unable to install felixclassloader package: java.nio.file.AccessDeniedException: /appl/ColdFusion2023/cfusion/lib/../../bundles/bundlesdependency.jsonfollowed by a lot of lines that say "XXXX package will not be deployed as it is not installed." The CF Administrator says the administrator module is not installe

I think I've seen the answer to this alluded to in a couple other posts, but nothing explicitly stated as such.  I'm installing ColdFusion 2023 Standard for the first time, and am unable to access the CF Admin except via the internal web server (http://127.0.0.1:8500/CFIDE/administrator/index.cfm on the server itself).  Even after adding the Virtual Directory to the correct path in IIS and uncommenting the /CFIDE/ line in uriworkermap.properties (as I've been doing on installs since CF2018), I still cannot open my admin via a "regular" URL (http://myhost.mydomain.com/cfide/administrator), even on the server itself much less from my connected workstation.  I get this message:The requested URL was not found on this server!If you entered the URL manually please check your spelling and try again.Tomcat/ISAPI/isapi_redirector/1.2.46 Again, I've seen references to how Adobe has made it "harder" to open access to one's CF Admin via this path, but nothing explicitly sa

I have the following code:  <cfform action="updateinfodone.cfm?needsupdate=ANILIST&clientid=#clientid#" method="POST">    <cfgrid name="grid3" query="getanilist" selectmode="EDIT" delete="Yes" deletebutton="Delete Row" width="690" height="400" format="html">      <cfoutput query="getanilist">      <cfgridcolumn name="ANIID" display="no">      <cfgridcolumn name="ANINameID" display="no">      <cfgridcolumn name="PhoneNo" header="Phone" headeralign="CENTER">      <cfgridcolumn name="Carrier" header="LEC" headeralign="CENTER">      <cfgridcolumn name="CSR" header="CSR" headeralign="CENTER">      <!---      <cfgridcolumn name="SS" header="SS" headeralign="CENTER">    --->      <cfgridcolumn name="CP" header="BTN" headeralign="CENTER">      <cfgri

Hello, I have installed CF 2023 with a trail edition  which turned out to be developer edition. and now currently have a license for enterprise. I'm not quite sure how to convert the developer edition to enterprise. as ,  when I'm trying to activate the license from CF admin console --> license & activation. it shows "Please enter a valid serial number." I'm thinking I should have a separate installer for enterprise edition? register the CF product with the license to get the installer? Can someone provide guidance on how this would work to go with an enterprise edition?  Thanks.

Hello,I am unable to activate our server.  I am working in a closed environment and must use offline activation.  I followed the process found here - https://coldfusion.adobe.com/2024/02/cf2023-offline-activation/.  After running the generate request file, I get an error on the response page Detail[empty string]ErrNumber0MessageVariable PATH is undefined.StackTracecoldfusion.runtime.UndefinedVariableException: Variable PATH is undefined. at coldfusion.runtime.CfJspPage._get(CfJspPage.java:360) at coldfusion.runtime.CfJspPage._get(CfJspPage.java:334) at coldfusion.runtime.CfJspPage._get(CfJspPage.java:321) at coldfusion.runtime.CfJspPage._autoscalarize(CfJspPage.java:2440) at coldfusion.runtime.CfJspPage._autoscalarize(CfJspPage.java:2402) at cflicense2ecfc1132610686$funcGENERATEOFFLINEACTIVATIONREQUEST.runFunction(/CFIDE/adminapi/license.cfc:215) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:629) at coldfusion.runtime.UDFMethod$ReturnTypeFilter.invoke(UDFMet

Hello everyoneI have a valid CF 10 license that worked until yesterday.Since this morning, all my reports have been displaying the following message:"Adobe Coldfusion Developer/trial edition. Not for production use."Do you know anything about this?I'll try reinstalling it (if I can), but it's a bit unsettling. Thanks for any advice.

Using Coldfusion2023 update13 developers edition.  When I try to update to either update14 or update15, the Oracle package goes invalid.  The package management tool says it is installed, but the Coldfusion engine says that it is not installed and all my Oracle queries fail.  I tried to uninstall Oracle and reinstall with no change to the failing queries.  Even when I tried to rollback to update13, the problem still persisted after updating to either 14 or 15.  Any suggestions to get to the later more secure updates working?  I found some tips, regarding adding more JVM params, clearing some cache stuff, but none of those things helped the Oracle package work again.

i have had 3-4 iis cf sites running for a long time. I went to setup a new iis site. I did not mean this to be a cold fusion site, but when I set it up, it configured it with the cold fusion parameters. My new application is supposed to just be a reverse proxy to point to a Python Windows service. I went to the web server configuration tool in Adobe and found that all the sites were configured under the "all" option. I tried to click that and remove thinking I could add them individually, but I was having a problem and it would not let me. Some sort of permission error accessing some of my ISAPI logs. I then clicked the "Add" button, and I saw the option to add all the sites individually. My thought was, I could add them all individually and then just remove the one I didn't want. That actually worked. However, I'm still left with the 'all' option as well. I'm trying to get rid of the one that says "all", and no matter what I do, it's not working in the web ser

I have several templates in their own Application that I run as CF Scheduled Tasks. Each template has the same basic functionality - call a CFC to make a request to an external API via CFHTTP and save the data in the response to the database using SQL Stored Procedures. All of them run fine with no errors. However, every time just one of these templates is executed, a Request Timed Out message is logged in exception.log, even though the page does not time out and runs to completion: "The request has exceeded the allowable time limit Tag: cfhttp" I am logging each request to log the time it takes to complete and confirm that it completes successfully, and every request completes in about 15 seconds, which is expected. I have added "setting requestTimeout=30;" the CFM template in an attempt to prevent the errors from being logged, but they still do, every time. Any idea what is going on here? I know it's an innocuous error, but, I'd still like to get to the bottom of

Hello Community,Yesterday night, our application (running on ColdFusion 2023) suddenly went down without any warning. The application was not accessible, and all requests were failing. Here’s what we tried so far:Checked logs in GCP (Google Cloud Platform) and also ColdFusion logs.We did not find any clear error messages or indications of why the server/application went down.Finally, we restarted the ColdFusion service, and everything started working again.Environment details:ColdFusion version: 2023Hosting: Google Cloud Platform (VM based)Application was running normally before the incident.Issue:We want to understand the possible root cause of this sudden downtime. Since no clear errors are visible in the logs, we are not sure what exactly triggered the issue. Questions for the community:Has anyone faced a similar issue with CF2023 suddenly going down?Are there specific logs (apart from coldfusion-out.log or exception.log) that we should check in this case?What monitoring o

After applying latest security update the file pathfilter.json is totaly empty!Result: logfiles defined in scheduled tasks cannot be written.The message is:"Warning","main","07/09/25","08:55:31","","The specified path: D:/ScheduleLogs/solr_index_documentatie_website_DEV.html is not allowed for scheduled tasks.To allow it, whitelist the path in cf-root/lib/pathfilter.json against key schedulerexecutionpaths. "IMHO: Totaly disappointing and unacceptable

Hello, I have installed coldfusion 2025 over docker, i have configure everything and import all settings except for one, CUSTOMTAGS it is not working on any way, see image attached, a fresh export cant be imported back, idk if im doing something wrong but it is not even working with a fresh install.this is the export of the cfsetup fordocker-composeservices: cf2025: image: adobecoldfusion/coldfusion2025:latest container_name: cf2025 ports: - "8511:8500" environment: acceptEULA: "YES" importCFSettings: /app/config/settings.json #same error as with customtag.json for customtags section installModules: "debugger,mail,oracle" volumes: - /webdata/coldfusion:/app customtag.json{"CUSTOMTAG":{"/WEB-INF/customtags10000":"/opt/coldfusion/cfusion/CustomTags","/WEB-INF/customtags1755704070605":"/app/shared"}} Regards, Ken

I am trying to uninstall CF2021, while an active version of CF2023 is running. I have tried uninstall from the command line as administrator and right click uninstall as adminstrator, and it just spins. So far over an hour. Do the CF2023 services need to be stopped to uninstall the previous version? Thanks in advance

Scheduler tasks is having issues recognizing "$" in the allowed output paths in pathfilter.json. I was getting warning on server.log and task was not allowed to run:"Attempted to schedule task with unauthorized path: C:/$myPath/**;" After some troubleshooting, removing the $ from the path make it to work again. Issue experienced after recent update to CF2021 update 21. Just sharing...

Greetings,I’m having a problem setting up the server portion of the CFBuilder plugin for VS Code. FWIW, I am running CF2023 using CommandBox on my MacBook Air. What I’m trying to do is set up the sever section of the plugin. In the local server settings, I enter what I thought was the path to server, but I get the following message: Invalid server home When I go into the terminal and type box server info --verbose it gives meServer Home:/Users/larryclyons/.CommandBox/server/E898FE23BF702162F22CB024B4F4187B-dataTables_CF5090/adobe-2023.0.15.330825which I assume is the path to the server. Or so I thought. I’m not sure what I’m doing wrong in this case, Any suggestions on getting this resolved will be very appreciated. 

I forget what update broke CF Server.  The one where if any variable in any scope is passed to a CFC function, but it's not in the CFARGUMENTS at the very start of the function, then CF throws an exception.I have a .cfc, let's call it "myFunction.cfc", where there is a function that adds a calendar event to a very rudimentary calendar for users to view.  In calling that function via AJaX, I have appended some URL parameters.myFunction.cfc?method=addrecord&returnformat=plain&returntype=plain Someone just tried to enter an event into the calendar.  CF Server sent us an email:Diagnostics:  Function addrecord does not support returntype as an argument in X:\path\to\myFunction.cfcThe error occured on line -1...Template: /path/to/myFunction.cfcQuery String:  method=addrecord&returnformat=plain&returntype=plain returntype is an instruction to the function, not a value being processed by the function. Why did Adobe break this? W

We're currently running a Windows server with CFM 2018 installed and recently developed a new site.  When we push the site to a "live" environment the server runs well for about 20-30 minutes and then it will just fail to respond.  I do see the CFM processor and SQL processor slowly start to increase as the site gets traffic.  I'm guessing it just builds up until it gets bottlenecked or something. The site then fails to respond or gives us the pretty standard CFM error or fails to load any pages and eventually just throws the Tomcat error.  The errors i get are Java heap space and or GC overhead limit.    When we run the site in a "dev" environment it works fine but of course when it's in a dev environment it's only one or two people hitting the site.  The "live" and "dev" site are on the same server, they're just different URL's so there is no difference between the server settings.  Just the number of people hitting the site (public vs private)

I'm moving to a new server running Coldfusion 2025 and have run into an issue when trying to load pages from the server that contain % encoded UTF-8 characters. I get from pages with French characters in a folder/path, e.g. https://www.tourdulactemiscamingue.com/o%C3%B9dormir/, "The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing)." Apache Tomcat/10.1.42From pages in any folder, accented or not, like https://www.tourdulactemiscamingue.com/o%C3%B9dormir/g%C3%AEtes.cfm or https://www.tourdulactemiscamingue.com/quoifaire/activit%C3%A9saquatiques.cfm I get an error report from Coldfusion saying:"File not found: /quoifaire/activitésaquatiques.cfm" (coldfusion.runtime.TemplateNotFoundException)I've added:1) <system.web><globalization requestEncoding="utf-8" responseEncoding="utf-8" f

ColdFusion Adminstrator 2023 returns a "Failed to add HTML header" error when I try "Export Server State" in the Package Manager.  This happened on Update 14 and continues to happen after Update 15. I made sure (from another thread referring to this error) that "Disable updating ColdFusion internal cookies using ColdFusion tags/functions" under Memory Variables is unchecked as suggested. Any suggestions?

Hi,I am trying to make sure that my Coldfusion Server is optomised to the max and to find out what is normal limits.Basically it looks like at times my servers can run slow but it is possible that this is caused by a very old bloated code base.Jrun can sometimes have very high CPU usage so I purchased Fusion Reactor to see what is going on under the hood.Here are my current Java settings (running v6u24):java.args=-server -Xmx4096m -Xms4096m -XX:MaxPermSize=256m -XX:PermSize=256m -Dsun.rmi.dgc.client.gcInterval=600000 -Dsun.rmi.dgc.server.gcInterval=600000 -Dsun.io.useCanonCaches=false -XX:+UseParallelGC -Xbatch ........With regards Memory, the only memory that seems to be running a lot of Garbage Collection is the Eden Memory Space. It climbs to nearly 1.2GB in total just under every minute at which time it looks like GC kicks in and the usage drops to about 100MB.Survivor memory grows to about 80-100MB over the space of 10 minutes but drops to 0 after the scheduled full GC runs. Old G

Using SendGrid API fails in CF2025: `Error","scheduler-6","08/17/25","13:01:49","","coldfusion.wddx.Base64Encoder$InvalidEncodedStringException: '' Can not decode string "SG". The input string is not base64-encoded.` I did open a bug report:https://tracker.adobe.com/#/view/CF-4227552 Anyone have anyway to get this to work? It's pretty big showstopper if not. 

ColdFusion doesn't work with 'browser history'-- 'window.history.go(-1)'.

Hello,We are migrating Coldfusion from Centos 7.8 [CF2021] to Ubuntu 22.24 [CF2023].I was wondering what are the best methods to export $CF_2021_DIR/jre/lib/security/cacerts and import them to the new server?Is it the via scripts or can just cacerts file be copied over?What is the recommeded way if any? ThanksDejan

Hi, we are looking into better XSS (Cross-site scripting) prevention.We have the "Enable Global Script" protection checked in CFAdminWe have modified neo-security.xml to include a regex to remove various unwanted tagsWe have queryparamed all querysWe are using getSafeHTML() when neededWe are about to go in block mode behind a WAF Does anyone have other recommendations? I couldn't find any recent posts about this in these forums.