This is version 370. It is not the current version, and thus it cannot be edited.
[Back to current version]   [Restore this version]

Metawerx News - Follow us on Twitter for latest updates!

14-Apr-2012 Railo - CFML on Tomcat

Today we've been playing with Railo 3.3 on Tomcat 7.0.27.

Railo implements the CFML language and is Open Source. Railo 3.3 is intended to be compatible with Adobe ColdFusion 9 and Railo 3.1.2 was intended to be compatible with Adobe ColdFusion 8.

CFML (Cold Fusion Markup Language) is a quick and easy server-side scripting language. Here's a quick example doing a database lookup:

<cfquery name="getproducts" datasource="mydb">
   select name, price from products where id = 100
<cfoutput query="getproducts">
   <br>#name# #price#

It also supports parameterised queries to easily avoid SQL-injection attacks etc...

We've been using it for years internally to mock up test systems before writing them properly in Java and Neale has also worked on large scale enterprise level applications written in CFML.

CFML started out as an interpreted language with caching, but long ago was converted into Java. These days CFM files are converted into Java, then compiled into classes just like JSP.

Cold Fusion Applications have been able to be hosted at Metawerx for a long time using the Cold Fusion WAR method. So why Railo? It's Open Source! No need to purchase licenses, and it runs on top of Tomcat or TomEE.

Here's a quick install guide:

  • Download Railo Custom from
  • Save it as a WAR file (eg: somename.war or ROOT.war depending on whether you want it to be the main ROOT application or a separate context)
  • Upload it to your webapps folder and wait for it to auto-deploy, or deploy it with Tomcat Manager
  • Go to the application using your browser, eg: and immediately set a password for the Server Administrator and Web Administrator
  • Set a database and mail server if you will use them, and limit the max connections to something suitable (eg: 5)
  • Upload your CFML pages or application and enjoy!

We found it installs quickly, configures easily and runs well.

Other alternatives for CFML are OpenBlueDragon (also Open Source) and of course Adobe ColdFusion (commercial).

12-Apr-2012 Boost your RAM!

Today we've been able to reduce our RAM upgrade prices to $30/mth per additional 512mb.

Throw massive additional caching power at your Metawerx JVM for $1/day!

06-Apr-2012 Tomcat 7.0.27 Released

Tomcat 7.0.27 has just been released and is now available at metawerx.

This release includes support for the WebSocket protocol (RFC6455). Both streaming and message based APIs are provided and the implementation fully passes the Autobahn test suite. Several examples are also included.

It also includes my patch to the HTTP digest support :-)

See the Tomcat page for details.

03-Apr-2012 After 15 years - finally a website redesign ;-)

In a few months, Metawerx will be 15 years old. We've come a long way since starting to play with Java right from the first release in 1996. Remember ServletExec? The first Java Servlets specification and the wonders of JSP that followed soon after? Tomcat, finally becoming really useful when it hit version 3? MySQL growing from an interesting free open-source DB into the most popular database in the world? So much has happened over the last 15 years, and we're proud to continue to be a part of it all.

Flashback courtesy of Jim Driscoll's blog - "Servlets were originally conceived of by James Gosling in 1995, but put aside for other interests. After some time, the concept was picked up by Pavani Diwanji, who built on the concept to create servlets as part of a project then called Jeeves (from a fictional character). This project was eventually productized into the Java Web Server, which many of us in Java EE land remember fondly to this day. I still have a shirt showing Duke in a Tux holding a platter, the symbol for Java Web Server. And incidently, the first versions of the servlet package were called java.servlet.*, since the javax extension hadn't been invented yet."

I'd like to say it's been a difficult journey, but really it's been a lot of fun learning from and supporting all of our wonderful customers, from the university students who wanted to play with Java on a real server, to the thriving enterprise customers who started small and we've helped grow to international online sales companies and multi-server clusters. Every new customer teaches us something new, and we enjoy the daily challenge of always trying to perform beyond your expectations.

We have focused on Java hosting features, database performance, security and reliability, and we've paid far too little attention to sales and marketing. A good number of our new clients these days come from recommendations, which has been key to our growth over the last 15 years. We would like to thank all our loyal customers, especially the ones that have been with us for over 10 years! Without your support, we would not be where we are today.

But, we're coders - system engineers - linux geeks - java freaks - DB admins - network guys - crypto nerds and sysadmins. Not web designers. I can't even match two colours together when I try to buy clothes.

We have 2 x 1300 numbers, a Collins St address, best-of-breed Java support, state of the art crypto, highly redundant mail, DNS and backup services, 99.985% provable uptime over 5 years and are the only hosting company in the world that supports the latest versions of Tomcat (7.0.26), TomEE (beta-2), JBoss (7.1) and Java (Java SE 7u3). Lately we're even contributing to the Tomcat project, TomEE and OpenJDK7.

However, our website has been looking old, tired, dated and unprofessional since about 2001. It was built in 1997, and has had content-updates, but no redesign or real work done on it. So finally after much ado, we are trashing it and bringing it up-to-date to match our hosting features. Over the coming weeks, with help from some of our web-design and graphic-artist customers, hopefully we'll have a fancy new website we can be proud of again. We've already changed the old frame-based layout and there's a lot more to do.

If you are a designer, SEO expert, have a proposal, suggestion, or just want to help out and get a mention in the credits, please contact us to be part of the change. And for everyone else - please excuse us while we change in front of you.

02-Apr-2012 Security Upgrade: POP3 over SSL now available

As with our popular IMAP/SSL hosting, we now provide POP3 over SSL.

We have implemented both the Alternate SSL Port method (on standard port 995) and the new STLS/STARTTLS method (on standard port 110).

Switch to SSL to ensure you are not sending your credentials over plain-text, and also prevent snooping on your email contents while receiving mail.

On Eudora 7, you can enable SSL by using either of the secure methods highlighted below:

On Outlook Express 6, the settings are as follows:

Remember to also use SSL for SMTP, and please contact us if you have any questions or run into any problems.

01-Apr-2012 Security Reminder: Enable SSL for SMTP

We provide TLS encryption between our servers and any mail clients or servers which support it. This ensures the transmission and reception of emails between our servers are securely encrypted.

Systems which support Secure SMTP include GMail, Exim, MS-Exchange, Sendmail, most banks and financial institutions, and many popular email clients, including Outlook Express, Thunderbird, Mac Mail and PC-Mail applications on iOS and Android devices. Hotmail does not enable secure SMTP (as of April 2012).

If you use the Metawerx SMTP server for outgoing emails, set your Outgoing mail (SMTP) port to 587 and enable STARTTLS mode or secure connection (SSL) mode to ensure your emails are not being sent in plaintext.

You can also enable it within your applications if you use JavaMail by setting props.put("mail.smtp.starttls.enable","true") in your JavaMail session.

Here is an example for Eudora 7:

Here is an example for Outlook Express 6 SP1. Note this example uses IMAP SSL as well, if you are using IMAP, set your IMAP port to 993 and tick the secure connection box for IMAP as well:

31-Mar-2012 phpMyAdmin Upgrade:

phpMyAdmin has been upgraded today to version This is a security and bug-fix upgrade.

26-Mar-2012 Security Upgrade: FTPS - FTP-Secure

All servers now support FTPES - FTP with TLS Explicit Encryption, otherwise known as FTP-SSL or FTP-Secure.

It is important that you enable this feature in your FTP client, otherwise malicious parties or software may be able to snoop on your password and gain access to your account.

Be sure to set it to Explicit or FTP with TLS/SSL - not the Implicit mode which uses a separate port.

Here is a screenshot for enabling the feature in WinSCP's login dialog box:

When connecting, a lock image should appear somewhere in your FTP client, like it does in a browser. Once again, an example from WinSCP:

Here is a screenshot for Transmit on the Mac:

Other FTP client software will have a similar feature, and if they don't - then it's time to upgrade your FTP client ;-)

If you have any questions or concerns, please don't hesitate to contact us.

26-Mar-2012 HTTP DIGEST Authentication on Tomcat Manager

In the interests of increased security, we have started using HTTP DIGEST Authentication on Tomcat Manager to prevent plaintext passwords being sent over HTTP on accounts where SSL is not used for Tomcat Manager logins. This involves quite a few changes throughout our infrastructure, so is being implemented in a phased approach according to Tomcat version.

The change has been completed for all Tomcat 7 customers. We are working through earlier versions, but due to the size of the customer base, earlier versions will take longer to be transitioned over. If you are on Tomcat 6 or earlier and want to have this addition immediately, please contact support.

If you are on a Self or Semi-Managed VM, you will be converted over last, but of course you already have the ability to change this yourself anyway.

We are personally checking every account that is changed over to DIGEST mode to ensure there are no login problems.

We've also found a series of small issues in Tomcat's implementation of DIGEST support, and have submitted the following patches and fixes to the Tomcat project:

24-Feb-2012 Quercus 4.0.25 released

Quercus 4.0.25 is now available for use on metawerx sites.

24-Feb-2012 JBoss 7.0 and 7.1

JBoss 7.0 and 7.1 are now available at metawerx.

22-Feb-2012 MySQL 5.5.21 Released

The following upgrades are now available at metawerx:

  • MySQL 5.5.21

22-Feb-2012 Tomcat 7.0.26 Released

The following upgrades are now available at metawerx:

  • Tomcat 7.0.26

This release is primarily a bug fix release and includes numerous bug fixes compared to version 7.0.25. See the Tomcat page for details.

16-Feb-2012 JDK1.6.0_31, JDK1.7.0_03 Released

The following upgrades are now available:

  • Java 1.6.0_31
  • Java 1.7.0_03

These releases provide a series of security fixes, see Oracle Java SE Critical Patch Update Advisory - February 2012

23-Jan-2012 Tomcat 7.0.25 Released

The following upgrades are now available:

  • Tomcat 7.0.25

17-Jan-2012 Tomcat 5.5.35 Released

The following upgrades are now available:

  • Tomcat 5.5.35

12-Jan-2012 MySQL 5.5.20 Released

The following upgrades are now available:

  • MySQL 5.5.20

All Metawex News Archives

metawerx specific

referring pages