We are so excited to announce the availability of FuseGuard, the application firewall for CFML, as a ColdBox and ContentBox Module.  We teamed up with Pete Freitag at Foundeo and have create an awesome module that can protect your ColdBox and ContentBox applications with incredible ease, performance and durability.  We not only integrated this amazing application firewall but gave it some ColdBox flare.  We introduce several new event handlers, interception points and even view conventions.  You can visit our product page to learn more about the Ortus FuseGuard module or also read our amazing documentation.

Features in a Nutshell

Apart from the standard features of the Foundeo FuseGuard Firewall, we have exteded it with more ColdBox/ContentBox capabilities.  The firewall comes with over 15 filters to help protect against vulnerabilities such as:

• Malicious File Uploads
• Cross Site Scripting / XSS
• SQL Injection
• Session Hijacking
• Cross Site Request Forgery
• CRLF Injection
• Path Traversal Attacks
• Password Dictionary Attacks

The firewall comes embedded in a dual-performing module that will work for both ColdBox 3 applications and ContentBox Modular CMS. The module features are:

• Automatic firewall registration in your application
• Centralized Firewall configuration and extensibility via our module configuration
• Registration of a new ColdBox interception point called onFuseGuardBlock that will be announced on firewall interventions
• Ability to create interceptor response chains via ColdBox/ContentBox when the firewall blocks a request
• Ability to register a BlockRequestHandler event to execute whenever the firewall blocks a request
• Ability to do scope registration of the firewall in any valid ColdFusion scope
• Access to the firewall object in the module configuration
• FuseGuard ContentBox panel integration (Coming Soon)
• ContentBox FuseGuard permission registration and administrative rights to the firewall (Coming Soon)