What happens if you increase the max line size? I think 50MB is pretty big, but that's an easy thing to change.   Dave Watts, Eidolon LLC  ... View more

If it happens for some users but not others, it's probably not a CF issue. Are you using any server-side caching? Edge servers? Have you cleared the compiled CF files? (I don't think that last question is the issue tbh.)   Dave Watts, Eidolon LLC  ... View more

It's one line you have to change, though, right? I haven't tried it, but it seems like you could prep for this by adding the attribute to your CFAPPLICATION tags now and not worry about it.   Dave Watts, Eidolon LLC ... View more

Once you have multiple web servers, things can get kind of ... weird. I'm not sure how you'd have intentionally set this up in the past - I can think of some ways, but they're kind of kludgy - and I'm not surprised it would break if you upgraded. And I'm not sure what value it provides to set it up that way anyway, although I'm guessing it has some value.   Let's say you installed CF in C:\ColdFusion2018 with the built-in web server (Tomcat), the default webroot "cfusion", and the default listening port for the cfusion app as TCP/8500. That means your CFIDE directory should be here: C:\ColdFusion2018\cfusion\wwwroot\CFIDE   You should then be able to access the CF Administrator using this URL: http://localhost:8500/CFIDE/Administrator/index.cfm Then, when you run the web server configuration tool to install the webconfig connector, you'll be able to run CF through IIS, but that will have a different configuration than Tomcat's web server. By default, I think, CF 2021 will create an IIS filter that will block the /CFIDE/administrator directory entirely. (I'm not sure of that offhand but it seems reasonable. I don't know when that behavior was introduced, if it was at all.) In any case, the web server configuration tool will fiddle with IIS internals to specify one behavior or another. You can also fiddle with IIS internals after the fact, within the IIS management console or by editing one of the several XML files IIS uses for its configuration.   But what it sounds like you want to do is mess around with Tomcat internals. That's ok, but it's not really related to CF that much, so there's no setting in CF Administrator for that. Specifically, you're going to want to remove index.cfm from the list of <welcome-file> items under <welcome-file-list> in: C:\ColdFusion2018\cfusion\wwwroot\WEB-INF\web.xml It's near the bottom of the page, in mine it's on line 553. Make sure you keep a backup copy! SIDEBAR: Let's talk about the lockdown guide and what it's for, for a minute. In general, the idea is to improve the security of your CF install. But what does that mean exactly? For different people it might mean different things. Do you want to expose the CF Administrator via IIS at all? Do you want to expose it via Tomcat to remote machines other than through RDP or explicit firewall rules? There isn't really a right answer to those questions. You have to figure out how security should work within your organization, and implement it accordingly. That's why there's a CF lockdown GUIDE instead of CF lockdown INSTRUCTIONS. If you use the lockdown tool built into the secure profile, someone else is going to make those choices for you, and I've always thought that was a bad idea unless you didn't know how to make those choices yourself. And if you did know how to make those choices yourself, you might be better off doing it manually anyway! A lot of them can be wrapped up in short scripts, etc.   Anyway, good luck!   Dave Watts, Eidolon LLC ... View more

You're welcome!   Dave Watts, Eidolon LLC  ... View more

If you can afford a brief interruption in service, you can use generic Windows tools to move from one disk to another using NTFS junction points or symlinks. To create a junction point: - stop the services using the files you want to move - use the junction.exe utility to create a junction as described here: Junction - Sysinternals | Microsoft Learn - start the services again - write all this down somewhere!   Dave Watts, Eidolon LLC ... View more

Solr is a superset of Lucene, basically just a web application that works with Lucene. So, my guess is that you're using the Lucene query parser.   You can add query="debug" to find out more information. Your query should have worked the way you wrote it, though. Here's Adobe's guide to Solr queries in CF:   https://helpx.adobe.com/coldfusion/developing-applications/accessing-and-using-data/solr-search-support/solr-search-examples.html   Dave Watts, Eidolon LLC      ... View more

I don't know much about cfpm, but would guess it's because you're not specifying a CFSERVERURL attribute.   Dave Watts, Eidolon LLC  ... View more

When you say the stylesheets and images can't be found, what exactly does that mean? Do they show up if you request those URLs directly, which shouldn't involve CF much? Do you see errors in the browser's developer tools when you go to the network tab?   Also, have you considered hiring a server person for a couple of hours consulting? I think @Charlie Arehart provides that service.   Dave Watts, Eidolon LLC ... View more

I think you have to choose the option in the wsconfig tool that only points to one IIS virtual server, and it should set up a separate application pool for you. But I'm not sure. Try it and see, if you can.   Dave Watts, Eidolon LLC ... View more

It may not be odd or peculiar, but it isn't ColdFusion. Adobe sells a lot of products. Knowing a lot about ColdFusion isn't going to help solve Acrobat problems.   Dave Watts, Eidolon LLC  ... View more

This isn't ColdFusion code, so I don't know what kind of answer you're going to get here. There are a few Acrobat and LiveCycle/AEM/whatever forums around. I don't know if Adobe actually has any of those. They do have Acrobat SDK documentation here:   https://opensource.adobe.com/dc-acrobat-sdk-docs/acrobatsdk/   As for the line of code that isn't persisting, maybe there's a datatype mismatch? I didn't think that was a thing in JavaScript or VBScript, but maybe just try making it into a string value instead of a numeric value:   JSO.getField("topmostSubform[0].Page1[0].LinesA-B[0].c1_6[0]").Value = "1"   Dave Watts, Eidolon LLC ... View more

I recommend you ask the service provider those questions I previously asked you. They should be able to give you a better answer than I can. Beyond that, it sounds like an administrator changed the timeout settings.   Dave Watts, Eidolon LLC  ... View more

I have no idea. You tell us. Did you make any server settings configuration changes? Did you make any other configuration changes, including updating Java? What, if any, were those changes? How recent is "recently"? How long did it take when it was working? What's in your log files, if anything?   If the file didn't change, why did you have to import it multiple times?   Don't take this personally, but I've been watching a lot of murder mysteries lately and it seems like I have to dig through the clues when you could just tell me more about the situation, and I'm not Poirot or Columbo or Inspector Morse etc.   Dave Watts, Eidolon LLC ... View more

This isn't really a question for Adobe, but rather for Amazon. It appears to be possible, if you purchase additional AWS gizmos like AWS Network Firewall:   https://docs.aws.amazon.com/network-firewall/latest/developerguide/stateful-rule-groups-domain-names.html   I've at best skimmed that link, but it appears that you may be able to do what you want with some AWS knowledge.   Dave Watts, Eidolon LLC ... View more

I don't think so. But the older versions will cover the basics pretty well.   Dave Watts, Eidolon LLC  ... View more

In addition to what you did, which is also correct, you should see a "Robust Error" checkbox on the relevant CF Administrator page. That's what the checkbox is for.   Dave Watts, Eidolon LLC  ... View more

I don't know what kind of server registration if any exists in those tools, but chances are you're correct.   Dave Watts, Eidolon LLC ... View more

The most likely problem, I think, is DNS name resolution failure. I recommend trying with the IP address instead of the hostname, or putting the name and address in your hosts file.   Dave Watts, Eidolon LLC ... View more

If this never worked for you, take a look at your SQL Server authentication options. By default, I think, SQL Server uses Windows Authentication and CF isn't going to work with that without a little fiddling around. If you can choose mixed mode authentication, you can create and use accounts directly within SQL Server and CF will work with that just fine. I'm not sure if it's called "mixed mode" or not, but there are only two options and one of them is Windows Authentication.   If you have to use Windows Authentication, go here for a quick configuration guide for it:   https://helpx.adobe.com/coldfusion/configuring-administering/data-source-management-for-coldfusion.html#DataSourceManagementforColdFusion-ConnectingtoMicrosoftSQLServer   Mixed mode authentication is a lot easier to set up though.   Dave Watts, Eidolon LLC ... View more

Like @carl type3 said, ColdFusion 11 is dead. Remove it and nuke the directories just to be sure. Beyond that, why do you have files on two different drives? Did you install the original CF 2021 on one, the other, or both?   The one in \jre\lib belongs to the JRE that may or may not be used by ColdFusion. I don't know whether CF is using it, but I don't think it's vulnerable to remote attacks. The one in \jre\jetty\lib\ext is also kind of questionable. I suspect you're not using that jetty one at all. The ones in \cfusion\lib and \cfusion\jetty\lib\ext are probably being used. The Jetty server should not be accessible to untrusted networks anyway, it's just used to run Solr and maybe some other stuff, which CF can talk to directly via localhost. You should be able to rely on basic network hygiene to take care of that - a local firewall, probably.   Dave Watts, Eidolon LLC ... View more

There should be a free MySQL driver already installed, that will work with the MySQL Community database. If not, download the free MySQL JDBC driver and select "Other" as the datasource type. The CF docs cover how to do that, in detail.   https://helpx.adobe.com/coldfusion/kb/coldfusion-configuring-mysql-jdbc.html   I'd try to avoid ODBC, since CF needs to use a third-party JDBC-ODBC bridge from DataDirect. But that will work too.   Dave Watts, Eidolon LLC      ... View more

This seems like an ideal place to use CFTRY/CFCATCH:   <cftry>     ... error-prone code goes here ...    <cfcatch type="Any">    ... safe response goes here ...    </cfcatch> </cftry>   Dave Watts, Eidolon LLC ... View more

sometimes at same milisecond email will deliever fine, and next might stuck into undeliver emails. So, if there's any limit issues then all the emails should stuck on server one after another and none of next should get deliever   Actually, this can easily happen with any mail server not designed for bulk mail delivery: M365 mail delivery, Google Workspace mail delivery, etc. They can - and will - block a random and arbitrary number of mail messages you send from CF. You need an SMTP server capable of handling bulk mail delivery, or you need to fiddle around with CF so that it will retry messages until they eventually go through. I find having a locally-installed SMTP server the best way to handle this. If you're running Windows Server (not sure which versions) you can install the IIS SMTP server, which is not actually part of the latest IIS version. You configure CF to send messages to that, and that will handle the upstream delivery part for you. It will try and retry and retry as many times as needed.   Alternatively, you can configure CF to periodically retry everything in the UNDELIVR folder, by moving it back into the SPOOL folder. This assumes you have mail spooling enabled, which you probably should and do. I haven't done this in a while, but it should eventually deliver everything. I have no idea how long it'll take though. The SMTP services in M365 and Google Workspace aren't intended for bulk mail delivery and will reject a lot of messages more-or-less randomly.   Of course, you could have multiple SMTP servers, etc, but I suspect you don't. Look at that anyway, in addition to the things I mentioned.   Dave Watts, Eidolon LLC ... View more

I'm not aware of any linter, and I'd be hard-pressed to write a properties file from scratch. I recommend you try Adobe's sample file from the documentation.   Dave Watts, Eidolon LLC  ... View more

Probably! I don't do enough silent installs to tell. Also, you may need to make sure that the user installing CF also has read permissions to the silent.properties file.   Dave Watts, Eidolon LLC ... View more

SILENT_LICENSE_MODE=trail   should be   SILENT_LICENSE_MODE=trial   Dave Watts, Eidolon LLC  ... View more

Yes, it's still an issue, because Windows Authentication is proprietary. The easiest way to get around this is to install a local SMTP server that doesn't require it and limit access to that server.   Dave Watts, Eidolon LLC  ... View more

Maybe Adobe isn't great at notifying customers of the product roadmap, but you can participate in the prerelease cycle and find out what's being changed. As for SSL/TLS, you can use the same certificate and private key that you use for the web server. That's really all that needs to be installed in Tomcat. The installation process is a bit more clunky, though. But you're already updating your web server certificate every three years, right? You can probably set up Let's Encrypt to update it even more frequently.   https://www.revolgy.com/insights/blog/letsencrypt-tomcat-on-windows   As for the change itself, I sympathize with you. But the new arrangement may well be more secure, even if it doesn't conform to the CF 11 STIG. What are our security goals for CF admin access? Ideally, it should use a different channel from public web access, so that you can use a separate set of access control processes. In other words, if I have CF Administrator available through Tomcat on a different port, I can use a different firewall rule or security group or whatever, or even limit access to localhost and use RDP to connect to the server then use a browser on the server console to connect to the CF Administrator. Those are pretty simple examples. Maybe I do create a separate certificate that's signed by an internal CA instead of a public one, and require internal browsers to support that CA for management purposes. Etc, etc.   Finally, as for cyber teams scanning machines religiously, I dunno about that. I mean, lots of contractors use Nessus but don't really know any mitigation strategies other than "patch to latest version". That's not going to protect you against 0-days.   Anyway, I realize that this could all be read as a criticism of your statement. It isn't. You shouldn't have to do it. But you do have to, and you can.   Dave Watts, Eidolon LLC ... View more