I just upvoted @Charlie Arehart 's answer, and it's a very good answer and you (and everyone else) should read it. But it doesn't exactly answer your question. That's a shame since he worked so hard on it, and read all this documentation for you (and me, and everyone else).   The underlying problem is that the EULA is, and has always been, written by lawyers. And lawyers don't really know what a "service bureau" is in the context of ColdFusion operation. They know legal stuff, but not operational stuff. So, the people who translate legal questions into operational answers are often Adobe salespeople.   Salespeople are usually paid by commission. So, the more expensive the sale, the more they make. And there's no incentive for them to provide you with an easy-to-understand answer, because if the pricing for ColdFusion were so easy to understand, we wouldn't need to work with Adobe sales at all. No one has this kind of problem buying, say, Microsoft Word, because there aren't so many underlying possibilities there. (Although the same isn't true for buying other Microsoft licenses like Office 365, and Microsoft sales definitely takes advantage of that!)   There have been many arguments between ColdFusion purchasers and salespeople documented on the forums, and the problem is simply that many salespeople are trying to increase the price, and thereby the commission they get. That's literally money in their pockets, and they have no incentives to say that someone who sets up a server with N number of sites for individual customers isn't a service bureau. Is that correct? Who knows!   So, here are my tips for getting a non-authoritative, but good enough, answer to your question. They're not specified in any particular order. And I don't buy CF licenses, so there may be better "non-authoritative but good enough" answers out there.   1. Inquire with multiple CF resellers. They will often have a policy that they follow to get the least expensive price for the product. Ask them to explain their pricing policy. They can probably do that over the phone but won't be able to send you a written document.   2. Look at what other vendors and resellers are doing. For example, @Charlie Arehart mentioned that Adobe provides an AWS CF AMI. I don't know if that's true for CF 2025, but for previous versions that AMI didn't come from Adobe but rather a partner/reseller. (And it's overly expensive and I wouldn't recommend using it, but that's another story.) Anyway, it might be worth following up directly with that company to see what kind of a license they have with Adobe, if possible.   3. Contact ColdFusion product managers instead of sales people to find out more authoritative information. Product managers are incentivized to get you to buy the product, and they will likely all give you the same answer.   4. Adobe has long practiced price discrimination, where if you're in country X you pay one price, but if you're in country Y you pay another. I've seen this more with Creative Suite and related desktop products, before Creative Cloud came out. I don't know if this is true for ColdFusion - I don't think it is - but it's also possible that the Adobe sales team in country X will claim you're running a service bureau and the sales team in country Y will not. So, try and find out if that's a thing.   5. If you're buying CF for your own organization only, my understanding is you shouldn't have to worry about Feature Restricted Licensing. That's for large-scale resellers and hosting providers, I think.   6. If you're considering using CF in the cloud, talk to an Adobe partner/reseller before talking to Adobe! There are reasons why Adobe doesn't want everyone using CF on, say, a fleet of VMs that will grow or shrink during operational use. License sizing is possible but difficult to do fairly for both the customer and the vendor. Setting CF aside, the way most solution architects would develop a price-effective solution would be to figure out the minimum number of instances, buy enough reserved instances to cover that minimum, then buy on-demand licenses for the remainder. That would be difficult to do with the CF AMI which can only be used as on-demand. But there are large organizations installing their own CF on their own instances, and I question whether that's being done in violation of the CF license.   Anyway, I hope this helps!   ... View more

I haven't used the bug tracker in ages, but they do have a FAQ which says:   "How do I report an issue with the Adobe Tracker site?   Please use the Add bug or New feature tab to let us know about issues that you are facing with the Tracker application or feature enhancements that you would like to see. Please select the Product as “Adobe Tracker” and Version as “1.0” when submitting your bugs and/or features."   Sadly, I don't think Adobe has a way to manually report issues with the tracker. So, I recommend you send an email to cfsup@adobe.com.   ... View more

Thank you for a great troubleshooting report! I couldn't find a way to upvote it or mark it as correct, maybe because it's not an answer to a specific question. Again, thanks for this report!   ... View more

Also, you might need to set some specific, undocumented Tomcat environment variables using JkEnvVar in mod_jk.conf. Unfortunately, I don't know what they'd be.     ... View more

SELinux That's your problem right there.   More seriously, there just isn't much (any?) documentation about using CF 2025 with SELinux. I haven't had to do this since CF 9, I think. I doubt Adobe support will be especially helpful with this. Can you temporarily disable SELinux or at least set it to permissive mode?   ... View more

If you're getting an HTTP 404 response, it means you're probably connecting to the right host, but the host can't resolve the URL. And in your cURL response, you're getting that 404 from Jetty, not Tomcat or any other web or application server. So it sounds like you might have to find the correct filepath for the URL and use that instead of whatever you're using now. I'm sorry I can't provide any better answer right now.   ... View more

That's not a dumb question at all! The OP should try a less ambiguous query. Something like:   SELECT se.firstName, se.lastName  FROM SalesExec se ORDER BY se.initials, se.SalesExec   The OP should get rid of "*" and replace it with a definitive list, using the actual field names to be selected from the SalesExec table, but I don't know what they are.   ... View more

Womp womp.   You might want to encourage him to start one, for future auditing as well as general problem solving.   ... View more

Please don't implement that solution until you can accurately describe the problem you're having. If you're not having a problem, don't do anything!   First, this response is marked as the correct answer. I don't know who did that, but what question does it answer? The CFCONTENT tag works well enough for most uses. Have you encountered a problem with CFCONTENT?   Second, there's at least one error in your message. The IIS response buffer just buffers the response - the communication between IIS and the browser. If you're using IIS exclusively to serve a CF application, you almost certainly don't need to worry about the default IIS setting.   Third, none of your proposed solution has anything to do with IIS response buffering. In fact, I think you'd need to keep IIS response buffering disabled to get any value from your solution.   Fourth - and don't take this the wrong way - a lot of your messages in this thread have a bad AI smell. There's nothing wrong with using AI to help answer questions or learn something, but you don't want to use an AI solution without understanding the code it gives you, and without understanding your problem.   ... View more

I seem to recall you're in a restricted environment and have to wait for your administrator a lot. Is there a run book you can access and share?   ... View more

Why does it seem it could be a serious issue, or any issue at all? It's sort of common* to set it to zero if you're using IIS with PHP via FastCGI, and IIS buffered output could cause problems rendering dynamic content if you have, say, short amounts of text to output.   * "sort of" in the sense that it's pretty rare to run PHP apps on IIS   ... View more

I'd investigate further. This isn't something CF does automatically to arbitrary hosts, I think - someone please correct me if I'm wrong about that - but it's conceivably something your CF developers might do. What's the DNS name of the IP address?   ... View more

You might try sending an email to cfsup@adobe.com.   ... View more

I vaguely recall hearing about occasionally needing to delete the contents of felix-cache and restarting CF to use newly-added packages.   ... View more

The "ColdFusion and the underlying (Tomcat/Jetty) servlet container may use ports different from 80 and 443." really does make the story make sense.  As stated earlier, we are running a scheduled task (on each of the 6 instances) every 30 seconds.  That task then does in fact make a cfhttp call to yet another module.  It certainly does explain the AMOUNT of sockets.  I'm just curious as to why they remain established.  The whole routing that the scheduled task is calling returns immediately (not some long running process). Well, not really. I mean, you may well have too many CFHTTP requests. But so far, I haven't seen any indication of them in this thread.   First, if you're using different ports, you'd be the first one to know! CFHTTP, like any HTTP client, automatically expects you're using the standard ports. If you're not, you'd have to specify that right in the CFHTTP tag. When you use your browser to connect to, say, www.adobe.com, you don't have to specify TCP/80 (for plaintext HTTP) or TCP/443 (for HTTPS). It automatically opens a connection to the appropriate port and sends whatever it's supposed to send, something like this:   GET /path/to/resource HTTP/1.1 Host: www.adobe.com User-Agent: ... Accept: ... Accept-Language: ...   Now, if you're using a non-standard port, the client has to know what that port is:   <cfhttp url="https://www.whatever.com:8080/ ...>   It's simply not possible for an HTTP client to find an unknown non-standard port, you need to tell it what the port is.   Also, on an unrelated note, a CF application uses TCP internally for a lot of things. A LOT. I have no idea whether they'd all show up as TCP connections from coldfusion.exe (arbitrary client port) to coldfusion.exe (arbitrary server port) because, until now, I didn't have to worry about it. I'm answering from the world's slowest computer so it's hard for me to look too deeply into it, but I started three CF 2018 services: ColdFusion 2018 Application Server ColdFusion 2018 ODBC Agent ColdFusion 2018 ODBC then, without doing anything else, I went to TCPView, which is basically a GUI for netstat with some extra features, available as part of Sysinternals here:   https://learn.microsoft.com/en-us/sysinternals/downloads/tcpview   I used that instead of netstat because I couldn't figure out how to see just entries with coldfusion.exe in the name. (If anyone knows how, let me know!) Anyway, with no CFHTTP tags - or any other code - running, I had quite a few of these established connections.     I don't know what they are, but I can make some guesses. I stopped the ODBC Agent and ODBC Server services and retried this, and got the same thing.   So, again, while you may have a problem with coldfusion.exe making too many connections and while that may be caused by too many CFHTTP tags, these aren't it. My not-so-educated guess is that it's related to database connections, but I have no databases (or applications) against which to test. You could try disabling "Maintain Connections" in your test environment for all of your databases to see if that helps.   ... View more

2. The connections occur as two-way ESTABLISHED TCP pairs (for example, 51139 <==> 51140): This indicates that duplex communication is happening internally (that is, probably an actual HTTP call rather than some passive listener). This only happens if the same process is opening a client and a server socket. Which is exactly what happens when ColdFusion makes a local HTTP request. Yet another clue pointing to HTTP calls. I respectfully disagree. While there may be too many HTTP requests, these aren't HTTP requests. HTTP, like most services, usually relies on established, well-known ports (TCP/80 for HTTP, TCP/443 for HTTPS in most cases). While it's possible to specify non-standard ports, they're usually going to be in the range of registered ports (1024-49151). And, while I'm less sure about this part, I think it's unlikely you'd have an exact amount of established connections for HTTP/HTTPS connections and their clients even with CFHTTP. There's always going to be a pattern of the client trying to make a connection without finding an open server port, or an open server port waiting for a client, etc.   I hope all that makes sense, and doesn't slow down the diagnostic process too much.   ... View more

The only thing I did different, which was strongly against my will, is to uncheck "Maintain Connections". This is good, from a diagnostic perspective. It tells you that your JDBC connection pool is causing the error, probably from having too many concurrent connections open. If you're not the Oracle DBA, you might want to ask what's the recommended setting for this DB.   Of course, it's not a great permanent solution. But you might find the recommended setting for your environment is much lower than expected. You could start with, say, 20, then test that. If it works ok, try 40, then maybe 60. I've never used a higher max connection pool value than that with Oracle - although it's been a while since I've worked with Oracle. Or, maybe @BKBK gave a good minimum value and you could use that. Try it out, if you can!   ... View more

If you don't know what's in there, you should be able to check yourself and decide what to do. My other answer, posted a few seconds ago, might be more helpful.   ... View more

but, if someone were to manually alter the link to xxx.com/company/?company_id=true the page invokes the function, getCompany with company_id=#url.company_id# the function returns a record where company_id=1   Well, there's your problem right there! Look, it's nice you have CFQUERYPARAM to tell the database what types it should expect. But that's not intended to replace all validation in your code.   You should have something basically like this:   <cfif isValid("integer", url.company_id)> ... do all your other stuff, including your queries ... <cfelse> ... report the problem ... </cfif>   ... or, better yet, use CFTRY/CFCATCH/CFTHROW: https://helpx.adobe.com/coldfusion/developing-applications/the-cfml-programming-language/extending-coldfusion-pages-with-cfml-scripting/handling-exceptions.html   Note: my CF skills are a bit rusty, there are a lot of CF versions out there, and I'm not sure whether isValid will work for you. You might want to look at this: https://stackoverflow.com/questions/46124664/best-way-to-check-if-value-is-integer-coldfusion-9   Anyway, wrap your entire page/function/whatever in some conditional or error handling logic before you get to your CFQUERY.   ... View more

I wouldn't go so far as to say this is the intended behavior, but it's unsurprising. While CFQUERYPARAM requires a strict type for DB parameter validation, that's really only used by the DB. CFML itself is very loosely typed. So, if you happen to have a Boolean value where you think you should have an integer value, that Boolean value will automatically be converted to integer if it fits. And that's what's happening here! CFML is like a cat: "if it fits, I sits". In CFML, the fact that Boolean values are often expressed as if they were strings makes all this a bit more complicated, too.   The way around this is to not use Boolean values when you want integer values. The programmer should know which is which.   ... View more

Like @BKBK recommended, you should definitely share your code. In addition to that, you should provide some additional details. What got upgraded exactly? What errors are you seeing? What version of CF is covered by your book? Basically, any information you can provide may help us help you.   ... View more

Yeah, you're going to need to contact cfsup at adobe.com and file a bug in tracker.adobe.com.   ... View more

I enjoyed learning the stack, but I wouldn't want to do it today. Everything is more complicated. I recently worked on a (non-CF) project for a large org without any sensitive info or authentication that involved a dedicated cloud vendor and a top-tier CDN ... and still, STILL there were problems. I think that between the three teams - us as the contractors, the cloud vendor, the CDN vendor - we had probably ten people regularly involved. Yecch. When I started, it was a lot different, that's for sure.   ... View more

So, I'm just following up here, and am not an expert with VFS in ColdFusion. @BKBK noted that it looked like you had it enabled, because the last line of your error dump references it. But this file path is not using VFS, which had me scratching my head. My guess would be that @BKBK is right and that the CF user account doesn't have permissions to read and write to it. By default, the CF user account is actually a security context, LocalSystem or SYSTEM, that has full privileges to the local machine but absolutely no privilege to network resources at all. So, check that out in your Services control panel. I'm not sure why VFS is coming up here, but it's in your error message.   ... View more

@Charlie Arehart or @BKBK might be able to help you all out, but sometimes @mattf48248714 's solution is the best one: don't use CF for everything, let some dedicated service figure it out. CF has to provide a solution for everything. That solution might not do all the stuff you want. It might be discontinued, leaving you legacy code you need to rewrite. Sometimes it's best to learn additional new solutions and pick the best tool for the job, even if it's more work. I'm reminded of all the middling-quality CF-JavaScript integrations that depended on the Yahoo! YUI libraries ... which have been discontinued for a while. Anyway, I think websockets are complicated enough that they might warrant a separate product just for themselves if you can get it.   @Michael_Evolve , going back to your specific problem, I can pick up some potential problems. First, the words "concurrent users" are going to mean different things when you talk about HTTP/1.1 vs websockets, where you essentially have "always-on" connections. Second, sending all messages to all users instead of just their intended recipients is likely to cause issues, I think. I'd try to retrofit that to your CF websockets implementation if you can. If you can't, and no one can help you, maybe take a look at this library, which serves - and I quote - a "metric buttload" of websockets:   https://github.com/uNetworking/uWebSockets.js       ... View more

Do you have anything like Microsoft SQL Server running on the same machine? You might have to add the DependOnService registry value to these services so they don't stumble over each other.   Also, out of curiosity, are you using ODBC from ColdFusion? This is pretty rare nowadays. Usually, you can connect with JDBC directly and see better performance - not always, though.   ... View more

You should post the solution and mark it as the correct answer, if you have time.   ... View more

I'm not sure how you do this on a Mac exactly, but you need to install it with administration privileges. I think you do that with xattr, but you might need some additional switches. See if this helps:   https://community.jamf.com/t5/jamf-pro/need-help-with-xattr-command/m-p/262044   ... View more

I find it really difficult to believe that this behavior is caused by a CF patch, since you're still getting the appropriate response from the server. Try a different browser and see what happens.   ... View more