Lucee code security

I’m using my Windows 10 as a dev box. Recently I find some of its source code has been compromised. I didn’t use any antivirus program and I’m frequently on public wifi. What measure could I take to stop such despicable perpetrator? Thanks.

Don’t forget to tell us about your stack!

OS: Windows 10
Java Version: ???
Tomcat Version: 8.5.32
Lucee Version: Lucee

There are a lot of measures you could take, but it’s hard to know how exactly you were compromised from the details you provided. Make sure you have a firewall setup so the rest of the public WiFi can’t access the servers you might have running, and making sure you are keeping up with security patches will certainly help.

As for your CFML code itself, you can scan that using Fixinator (made by my company) which can detect several know CFM backdoors, known vulnerable third party components, and can also identify many different types of security issues within your CFML code.

Hope that helps!

1 Like

Thanks Peter. As for firewall setup, Windows Defender Firewall is always up and running.

I suspect the perpetrator is extremely sophisticated.

did they add a backdoor?

i noticed change of my source code to produce less than desirable results ( algorithm compromised ),
not sure about backdoor, how to determine that?