I am running CF2023 on IIS (moving from an older version of CF). When I run the configuration tool, it adds two types things to IIS (several handler mappings and an ISAPI filter). My question is about purpose/necessity the ISAPI filter. If I remove it, everything seems to continue working as it should. Let me explain why I want to remove it.
The presence that ISAPI filter changes how 404 errors are handled. When it is not present, all 404 errors are handled by IIS. When it is present, however, CF handles the .cfm 404s and IIS handles the rest. I am concerned aboout this for two reasons:
(1) I leverage 404 pages to do my own, in application URL rewrites. IIS sees the 404, passes it to a template of my choosing, and I then process the cgi.query_string that is passed in. I can, for example, call a URL that uses a slug (like wordpress does). My 404 processor checks the slug against the database and calls the proper page. If the slug doesn't exist, I drop a 404 error code witrh cfheader and display a 404 message to the browser. This works great unless that ISAPI filter is present. When CF is allowed to handle the 404 first, it still calls my custom 404 processing template but it removed the query sting data from cgi.query_string. I can still get that cgi.http_url but only when the 404 is a CFM page. If it was a non-cfm page (like a slug), IIS has the 404 first and I have to use the original processing method.
(2) With the ISAPI filer in place, CF logs every 404 in the application log. Bots hit my sites all of the time with bogus URLs and the result is an overflowing application log where it is difficult to go find true errors when I need them.
So, this was a long, convoluted way to ask if I can safely remove the ISAPI filter. Does it onlt affect how 404s are managed or does it dom something more that I am not seeing?
1
Reply
AdChoices