Note: I should have pointed out that all this is built into ColdFusion. There is no downloading, installing, or configuring.
Any input that your website accepts has to treated as if it were hostile and / or malformed. The Open Web Applications Security Project (OWASP) has a collection of recommendations and Java utilities to help protect against these threats. ColdFusion, being powered by Java, also has these functions. Use them!
Download a 30 days free trial.
No credit card required.
Adobe Certified Professional
Online Certification Coming Soon