Do you all remove CF's write access to all files i...
# cfml-general
d
Do you all remove CF's write access to all files in your site(s) directory? Of course to do that, you'd have to move all temp file locations somewhere outside there first.
t
kinda. We remove write permissions, and then re-grant them to a few explicit directories, which we are also gradually moving out of the webroot.
d
makes sense, thanks
Nobody else?
f
yeah, CF only needs read permission to cfm or cfc files, so I try to use `getTempDirectory()` for any temp file writing needs since it will always be outside the web root by default
a
^^^ wot Pete said. Also: the only CFML thing one ought to have in the web root is an index.cfm, and a stub Application.cfc. Nothing else ought to be being requested directly by the web server. Source code should not be web-browsable, and should only be readable by the CFML server. If for some reason my app needed to be writing code that either needed to be web-browsable or executable by the app, I would consider having a different CFML server doing the management of that stuff than the one that the web browser talks to. On the whole using the temp dir has been fine for that sort of thing though. We're never creating "permanent" files on the fly like that.