It’s the nature of the beast….sometimes, without warning...websites and applications break. You can blame it on the internet, technology, or the full moon. But at the end of the day, when you are in the middle of a ColdFusion emergency, you need someone to fix it. Here are just a few examples of situations that could quickly put you in panic mode.
Security is at the top of everyone’s mind nowadays. There are all different kinds of security issues. Hackers, breaches, and good old-fashioned break-downs. And then there are the security issues that you never saw coming. If you aren’t already working with a development partner, and are hit with a security emergency, you might feel a sense of panic. The WRIS Web Services team is skilled at addressing many of these types of situations. For example, we received a call from a company who wanted our help investigating something. This company had an e-commerce site, and they noticed that orders were suddenly getting declined because credit cards were being cancelled. They suspected hacking or an inside job. We were given access to their database and put some logging into place that allowed us to watch who was logging in as an administrator. The company’s suspicions were correct. We found a hidden backdoor into the page where orders are processed. That page displayed entire credit card profiles in plain text. We also found that passwords were being stored in plain text. After these discoveries, we implemented security to truncate cards after they were processed, locked down the security by IP address from the main office, and closed the back door by changing and encrypting passwords. Ultimately, credit card numbers stopped getting stolen and the website had a new level of security.
Payment Gateway Updates
If you have any form of e-commerce on your site, you undoubtedly have a payment gateway in place (Stripe, Authorize.net, PayPal, etc.) so you can process payments in real-time. And as expected, payment gateways need to update and maintain their security policies. The problem is that sometimes those updates are not compatible with an older version of ColdFusion (or the underlying Java to be more specific). Next thing you know, customers are calling because they can’t purchase on your site. Problem! It’s not possible to roll-back to a previous version of the payment gateway...those are third-party applications that integrate into your site. So what’s the only other option? You need to upgrade to a newer version of ColdFusion, one that will work with the updated payment gateway and get your site back in working order. But obviously, not everyone is skilled at ColdFusion upgrades, and it involves things like securing access to the current environment(s), creating a copy of the code, setting up a local environment, establishing source control, and that’s just before we get started!
Even if you don’t have e-commerce, you probably integrate some type of third-party application on your site (Facebook, Twitter, Google, etc.) And guess what? Those get updates frequently, too, and often without warning. And that sometimes makes them incompatible with your version of ColdFusion. So depending on the application, this could create a big issue or just be more of a nuisance that makes your site look sloppy. But again, you can’t use the previous version of Facebook, so you’re going to have to upgrade to a new ColdFusion, which involves a few steps (see above.)
Sometimes, a third-party (ahem, Google) puts out an update (or mandate) that means your site needs to comply or it’s going to suffer in the rankings. Your site isn’t broken, but you only have a limited amount of time until you start to feel the effects. You need someone who is skilled at ColdFusion so that they can implement the changes without messing things up or causing significant downtime. So whether it’s adding an SSL, reworking your directory structure, or making sure your site is mobile-friendly, you need a ColdFusion partner who can do it quickly and efficiently.
To the Cloud
You're being told by your hosting provider that they are keeping your "old" ColdFusion web application on an outdated hardware platform that they do not want to support any longer because of the liability. Great. They are probably charging you more for this service as well. Even better. Also, you're likely running on an old and outdated operating system that isn't supported any longer, is susceptible to security risks, and just isn’t the best scenario overall. So now what? Your easiest solution -- and one that will prevent you from getting in this situation again -- is to migrate your application to a virtual private (cloud) server. When you move to the cloud you will be on the latest and greatest software and hardware, plus have the support and reassurance you need and deserve. This is a cost-effective way to buy some time while you make decisions about the future of your ColdFusion application. Whether you decide to invest in it further or move in another direction, you will have the flexibility to do the research needed to make the right decisions...and avoid another ColdFusion emergency.
Keep Calm and ColdFusion On
So don’t assume that just because your website or web application is running on ColdFusion, emergencies spell disaster. Where there’s a trusted ColdFusion developer (like WRIS), there’s a way.