Al,
West Wind Web Connection is still being actively developed and supported. So if there are vulnerabilities that show up, I'll get them fixed (if possible). In fact I just released a major update last week.
I doubt that FoxPro or Web Connection specifically would be much of a target for hackers and given the long lifespan we've had since updates and the maturity of the Foxpro and Web Connection I think likelyhood of problems down the line are very small relatively to other things.
Given that FoxPro has always been an edge product for Microsoft and never really needed anything in the way of support (or never had decent support to start with) loss of support doesn't strike me as a deal breaker. There might be plenty of other reasons - lack of developers, aging language and tool chain etc - but MS support is the least of the worries.
The biggest worry with VFP IMHO will be if the Windows UI eventually makes VFP apps too quirky to be usable. So far it's been acceptable and one can work around it, but you never know what happens in the future. For server apps using Web Connection (or other Web tool) this is much less of an issue especially since you can control the platform. If you start on Windows 2012 R2 today you have at least 10 years before you have to retire those servers and before support runs out for those and it looks like Windows 2015 will extend that even further out.
+++ Rick ---
>>Hey all
>>
>>Currently, we have an outward facing web application written in VFP using the West Wind Web Connection and now that MS has given a hard deadline for ending support the higher ups are beginning to twist and shout.
>>
>>Are there any possible security risks that we should be aware of? We're looking at keeping this application going for the next 2 years as its replacement is brought up to speed?
>>
>>Any information/concerns appreciated
>
>You might want to ask Rick on the West Wind board about vulns specific to his product.
>
>I think you'll find the bigger concern for sites accessible from the public Internet is that they're using an up-to-date Windows OS and patched web server (e.g. IIS for West Wind) and protected with a router/firewall. I believe there is a BPA (Best Practices Analyzer) for various versions of IIS.