Setup your application with setupApplication()
When you install a new site in Preside you will find a Application.cfc file in your root directory containing a few lines of code:
component extends="preside.system.Bootstrap" {
super.setupApplication( id = "IdOfYourSite");
}
As you can see the Application.cfc is extending the file /preside/system/Bootstrap.cfc. Let's have a look into this function:
public void function setupApplication(
string id = CreateUUId()
, string name = arguments.id & ExpandPath( "/" )
, array statelessUrlPatterns = [ "^https?://(.*?)/api/.*" ]
, array statelessUserAgentPatterns = [ "CFSCHEDULE", "(bot\b|crawler\b|spider\b|80legs|ia_archiver|voyager|curl|wget|yahoo! slurp|mediapartners-google)" ]
, boolean sessionManagement
, any sessionTimeout = CreateTimeSpan( 0, 0, 40, 0 )
, numeric applicationReloadTimeout = 1200
, numeric applicationReloadLockTimeout = 0
, string scriptProtect = "none"
, string reloadPassword = "true"
, boolean showDbSyncScripts = false
) {...}
There are some more parameters you can set for your application. They are self explaining and don't need to be changed in the most cases.
But there's one parameter I'd like to explain: reloadPassword.
Whenever you do a ?fwreinit=true to re-initialize your application (e.g. after a DB update), the password in this setting will be used and validated against.
Is this a security issue? No, it's not. But script kiddies, re-initializing your application every five minutes are annoying.
The recommendation is to change this value to a more secure value that only you know. So if you set reloadPassword="MySuperSecretPassword" you can re-initialize your application with: ?fwreinit=MySuperSecretPassword
You can also set this value to a dynamic value. For example super.setupApplication( reloadPassword=Hour(now()) ) is absolutely valid.