Upgrade Your ColdFusion Today (Security, Performance and Cost)

Think upgrading ColdFusion is a waste of money?

That’s what one of my clients is thinking and he’s making a big mistake. He could lose hundreds of thousands of dollars.

This client’s company was stubbornly sticking to ColdFusion 8. It kept piling new lines of code onto its existing apps. After a while, the company’s code became a Frankenstien’s monster.

The client, let’s call him Frank, had rickety, old CFML code scattered across several servers. Nearly all of it was vulnerable to hacks. Frank’s employer needed to modernize its ColdFusion. Instead, they wanted to switch all their existing code over to .NET.

Frank was in a pickle. He knew the company’s policy was sending it into dangerous — and expensive — waters.

ColdFusion evolved to include a host of new security tools and modernized features keeping it ahead of the rest of the tech world. It’d make sense to stick with it.

Moving over to a completely different language would cost much more than a new version of ColdFusion. Frank needed to prove that to his bosses.

In this article, you will learn:

1. The problems with running outdated CF.
2. The real savings of switching to the newest version of ColdFusion.
3. A price comparison between the cost of upgrading and the downsides of staying stuck in the past.
4. The benefits of modernizing your ColdFusion.

Keeping your applications and hardware up to date seems like a no-brainer. Code and development platforms don’t age well like fine wine. They rot.

Frank’s company, for example, was relying on a version of ColdFusion released the same time as the first “Avengers” movie!

Sometimes it’s simple forgetfulness. Others underestimate the importance of modernizing.

By neglecting to modernize, you:

• Miss out on new tools and innovations which keep CFML ahead of other languages.
• Leave your company vulnerable to security problems fixed by updates and patches. Most hacked CF users admit they use software which wasn’t patched or had vulnerable code, according to the State of the CF Union 2019 .
• Add to the technical debt of your company. Old code piles on until it becomes a tangled mess (this was the biggest mistake for Frank’s company.)

People who neglect to update their ColdFusion do this to themselves. But they blame the platform! It’s like neglecting to maintain your car then calling it junk when it breaks down.

If you ever hear the misguided notion that ColdFusion is old, outdated, or dying, you may be speaking to someone who hasn’t upgraded their CF in years.

Thomas Gobricki and I had a meeting of the minds, which you can check out on the podcast . We tried to quantify the Return on Investment for using modern CF in real dollar terms.

First, we decided to measure “cost”:

• The cost of the product itself, up to $10,000 for the Enterprise Edition of ColdFusion.
• Missed opportunities which would have come to fruition if you had the latest version of CF. For example, server outages are a common byproduct of using an older version of ColdFusion. Downed servers cost money in the form of lost customers, which are much more expensive than ColdFusion itself. Gobricki estimated an outage is worth about the cost of a midsize car, depending on the size of your company. As a result, he rarely if ever takes his servers down. “We rarely go down,” he said. “I mean most of the time we go down because we have to go down to patch Windows as opposed to patching ColdFusion.”
• Wasted time and energy spent on old legacy code. How many hours a day are your developers spending trying to keep dusty old code relevant?
• A buggy or unreliable product leads to a bad reputation. Customers bumped off your application are less likely to return.
• Staff expenses

“Programmers are expensive resources,” Gobricki told me. He estimates programmers are 50% more productive using CF. It leads to hundreds of thousands in savings, depending on the size of the company and project. ColdFusion developers are much easier to find. Most IT gurus worth their salt can pick up CFML in a snap, and become proficient in no time.

• Cost of maintenance ColdFusion has its own self-inspecting tools which protect your application from bugs, hacks, and sloppy code. “Just the fact that ColdFusion allows you to see where it’s having a problem, and report to you,” Gobricki said. “It’s got all kinds of features that just make it easier for us to gather our diagnostics, and figure out what happened. And fix it without going to the customer and going through a lot of back and forth, and show me what you did, and everything like that. “I’d rather my programmers be focused on fixing the code, or adding new features,” he added.
• Rapid Application Development — meet your deadlines!

Most development platforms don’t come with everything everyone needs. There has to be some sort of customization along the way. ColdFusion comes stocked with tools developers would otherwise have to make themselves. For example, CF has Google Maps integration right out of the box. The less time your developers spend on creating these tools, the more time they can spend on coding.

But what about the other, ancillary costs?

Let’s get down to the nitty gritty: aren’t there added, hidden expenses aside from the cash your company shells out on the latest version of ColdFusion?

Technically, yes. Your development team may spend a bit of time transitioning to the latest version. This means bringing staff and code in line with the latest features in the new CF.

In reality, the Return on Investment for upgrading your ColdFusion negates the added costs. Your company will actually make money thanks to savings, new efficiencies, and added security.

What are the main benefits when modernizing your software?

Conversations about upgrading usually follow the cost-benefit pattern that surrounds all expenditures.

Few CIOs compare the short term cost (the money you spend on the latest version of ColdFusion) versus the long term savings. Here’s a table to help:

The latest version of ColdFusion, about $2,500 — $10,000 depending on what edition you purchase

A couple of minor, relatively painless adjustments to existing codes

The latest patches and security updates, so your company doesn’t worry about hacks

Time spent letting staff learn all of CF’s new features and tricks

Less legacy code and technical debt

Latest solutions and tools which your team would otherwise have to write itself

Less time and money spent on maintaining old, outdated code

Performance and maintenance tools shorten the amount of time you spend tuning code

These are just some of the pros and cons of upgrading to the latest version of ColdFusion.

I haven’t even listed all of the best features in the modernized version of ColdFusion.

Switching from one programming language to another, like Frank’s company suggested, won’t help. Applications don’t hop between programming languages easily.

By my estimates, Frank’s company would’ve spent close to six-digits, even crossing the $1 million threshold, if it decided to switch all seven years-worth of code to .NET.

Besides, why would you want to switch anyway? CFML is better than other programming languages ! It’s faster, easier to use, more secure, and supported by Adobe for the long haul.

CF beats the competition such as Java or on almost every front, including . All things being equal, CFML requires only 20–30% of the PHP code , for example.

All told, modern ColdFusion could save a company between $40,000 and $1.3 million depending on its size, according to back-of-the-envelope math I did during an interview with Thomas Grobicki .

What, besides costs, is stopping you from upgrading?

You’ve now seen the list of expenses that come with sticking to old, outdated ColdFusion. You may have other concerns though. Let’s address the biggest one: migrating legacy code.

ColdFusion helps you transition to the latest version without having to worry about rewriting whole lines of code. One such tool points out chunks of code which need to be addressed in order for them to remain functional. It makes the upgrading process much more painless in the long term.

Putting something off can feel harmless. Inevitably though, it’ll cost you. From security to technical debt, using an outdated, dusty version of ColdFusion can end up costing more than consistent upgrades. Until finally you find yourself contemplating ditching everything from scratch and starting over — like Frank’s company almost did. Don’t let it happen!

And to continue learning how to make your ColdFusion apps more modern and alive, I encourage you to download our free ColdFusion Alive Best Practices Checklist.

Because… perhaps you are responsible for a mission-critical or revenue-generating CF application that you don’t trust 100%, where implementing new features is a painful ad-hoc process with slow turnaround even for simple requests.

What if you have no contingency plan for a sudden developer departure or a server outage? Perhaps every time a new freelancer works on your site, something breaks. Or your application availability, security, and reliability are poor.

And if you are depending on ColdFusion for your job, then you can’t afford to let your CF development methods die on the vine.

You’re making a high-stakes bet that everything is going to be OK using the same old app creation ways in that one language — forever.

All it would take is for your fellow CF developer to quit or for your CIO to decide to leave the (falsely) perceived sinking ship of CFML and you could lose everything-your project, your hard-won CF skills, and possibly even your job.

Luckily, there are a number of simple, logical steps you can take now to protect yourself from these obvious risks.

No Brainer ColdFusion Best Practices to Ensure You Thrive No Matter What Happens Next

ColdFusion Alive Best Practices Checklist

Modern ColdFusion development best practices that reduce stress, inefficiency, project lifecycle costs while simultaneously increasing project velocity and innovation.

Easily create a consistent server architecture across development, testing, and production

A modern test environment to prevent bugs from spreading

√ Automated continuous integration tools that work well with CF

A portable development environment baked into your codebase… for free!

Learn about these and many more strategies in our free ColdFusion Alive Best Practices Checklist.

Originally published at https://teratech.com on August 23, 2019.