Inspiring

Answered

ColdFusion 2023 Standard Administrator not accessible on port 80?

Forum|Forum|1 year ago
May 3, 2024
2 replies
1959 views

I think I've seen the answer to this alluded to in a couple other posts, but nothing explicitly stated as such. I'm installing ColdFusion 2023 Standard for the first time, and am unable to access the CF Admin except via the internal web server (http://127.0.0.1:8500/CFIDE/administrator/index.cfm on the server itself). Even after adding the Virtual Directory to the correct path in IIS and uncommenting the /CFIDE/ line in uriworkermap.properties (as I've been doing on installs since CF2018), I still cannot open my admin via a "regular" URL (http://myhost.mydomain.com/cfide/administrator), even on the server itself much less from my connected workstation. I get this message:

The requested URL was not found on this server!

If you entered the URL manually please check your spelling and try again.

Tomcat/ISAPI/isapi_redirector/1.2.46

Again, I've seen references to how Adobe has made it "harder" to open access to one's CF Admin via this path, but nothing explicitly saying you CAN'T do it anymore. I know many consider it a security risk, but if it's still possible, I'd like to maintain that ease of access within our network (having to Remote Desktop to each server, wait for the desktop to load and then access the admin proves to be very inefficient).

Any definitive answers out there on this? Thanks!

Correct answer Priyank Shrivastava.

@jarviswabi You are right, this is an intended change due to a recent security issue. We are not allowing users to access CF admin via WebServer(IIS/Apache). I hope this answers your question.

M

michaelg11604920

Participating Frequently

I'm having the same issues trying to run CF admin under IIS. New install of CF 2023 and the latest security patches. I've done all the regular steps including commenting out this line from the uriworkermap.properties.

#!/CFIDE* = cfusion

Everything else seems to be fine. I have the /CFIDE and /jakarta mappings. Coldfusion is running and I can access it at http://127.0.0.1:8500/CFIDE/administrator/datasources/index.cfm.

In IIS I have it running over a self signed SSL certificate. Just to check I also tried loading it over http and still has the same issue. I have the correct permissions I believe under CFIDE (IUSR;IIS_IUSRS with read permissions).

Loading the https://127.0.0.1:8083/CFIDE/administrator/index.cfm page on the server locally always returns:

The requested URL was not found on this server!

If you entered the URL manually please check your spelling and try again.

Tomcat/ISAPI/isapi_redirector/1.2.46

I've rerun the web server configuration tool a few times and re-modified the uriworkermap.properties.

What's frustrating is I know this can still work. I setup a Dev server a few months back on ACF 2023 and got it working no problem through IIS. I'm comparing all the configuration files and at a loss.

M

michaelg11604920

Participating Frequently

This is new. I didn't see this message before. The isapi_redirect.log file outputs this now. Literally says "

Blocking this uri: [/CFIDE/administrator/index.cfm] since its starting with cfide". Is this brand new? Haven't seen it mentioned in patches, but maybe I missed it. And again, I got this working on another server, which is confusing.

[Wed Jan 15 14:24:05.126 2025] [4240:6988] [info] jk_log_version::jk_connector_version.h (21😞 Connector Version: 330593

[Wed Jan 15 14:24:05.129 2025] [4240:6988] [info] init_jk::jk_isapi_plugin.c (3632😞 Starting Tomcat/ISAPI/isapi_redirector/1.2.46

[Wed Jan 15 14:24:05.136 2025] [4240:6988] [info] init_jk::jk_isapi_plugin.c (3870😞 Tomcat/ISAPI/isapi_redirector/1.2.46 initialized

[Wed Jan 15 14:24:05.136 2025] [4240:6816] [info] jk_connector_CF_func::jk_isapi_plugin.c (3130😞 CF heartbeat started

[Wed Jan 15 14:24:05.138 2025] [4240:6988] [warn] jk_check_path::jk_util.c (2476😞 Blocking this uri: [/CFIDE/administrator/index.cfm] since its starting with cfide

[Wed Jan 15 14:24:05.708 2025] [4240:6988] [warn] jk_check_path::jk_util.c (2476😞 Blocking this uri: [/CFIDE/administrator/index.cfm] since its starting with cfide

[Wed Jan 15 14:24:06.083 2025] [4240:6988] [warn] jk_check_path::jk_util.c (2476😞 Blocking this uri: [/CFIDE/administrator/index.cfm] since its starting with cfide

[Wed Jan 15 14:24:10.166 2025] [4240:6988] [warn] jk_check_path::jk_util.c (2476😞 Blocking this uri: [/CFIDE] since its starting with cfide

[Wed Jan 15 14:24:10.667 2025] [4240:6988] [warn] jk_check_path::jk_util.c (2476😞 Blocking this uri: [/CFIDE] since its starting with cfide

[Wed Jan 15 14:24:11.898 2025] [4240:6988] [warn] jk_check_path::jk_util.c (2476😞 Blocking this uri: [/CFIDE/administrator/index.cfm] since its starting with cfide

[Wed Jan 15 14:24:12.386 2025] [4240:6988] [warn] jk_check_path::jk_util.c (2476😞 Blocking this uri: [/CFIDE/administrator/index.cfm] since its starting with cfide

[Wed Jan 15 14:42:10.667 2025] [4240:6988] [warn] jk_check_path::jk_util.c (2476😞 Blocking this uri: [/CFIDE/administrator/index.cfm] since its starting with cfide

[Wed Jan 15 14:42:11.527 2025] [4240:6988] [warn] jk_check_path::jk_util.c (2476😞 Blocking this uri: [/CFIDE/administrator/index.cfm] since its starting with cfide

[Wed Jan 15 14:42:11.971 2025] [4240:6988] [warn] jk_check_path::jk_util.c (2476😞 Blocking this uri: [/CFIDE/administrator/index.cfm] since its starting with cfide

[Wed Jan 15 14:42:13.463 2025] [4240:6988] [warn] jk_check_path::jk_util.c (2476😞 Blocking this uri: [/CFIDE/administrator/index.cfm] since its starting with cfide

[Wed Jan 15 14:49:52.785 2025] [4240:7024] [info] TerminateFilter::jk_isapi_plugin.c (2839😞 Tomcat/ISAPI/isapi_redirector/1.2.46 stopping

[Wed Jan 15 14:49:52.959 2025] [4240:7024] [info] TerminateFilter::jk_isapi_plugin.c (2873😞 CF heartbeat stopped

[Wed Jan 15 14:51:14.546 2025] [4240:6988] [info] jk_log_version::jk_connector_version.h (21😞 Connector Version: 330593

[Wed Jan 15 14:51:14.548 2025] [4240:6988] [info] init_jk::jk_isapi_plugin.c (3632😞 Starting Tomcat/ISAPI/isapi_redirector/1.2.46

[Wed Jan 15 14:51:14.553 2025] [4240:6988] [info] init_jk::jk_isapi_plugin.c (3870😞 Tomcat/ISAPI/isapi_redirector/1.2.46 initialized

[Wed Jan 15 14:51:14.553 2025] [4240:8324] [info] jk_connector_CF_func::jk_isapi_plugin.c (3130😞 CF heartbeat started

[Wed Jan 15 14:51:14.555 2025] [4240:6988] [warn] jk_check_path::jk_util.c (2476😞 Blocking this uri: [/CFIDE] since its starting with cfide

[Wed Jan 15 14:51:16.499 2025] [4240:6988] [warn] jk_check_path::jk_util.c (2476😞 Blocking this uri: [/CFIDE/administrator/index.cfm] since its starting with cfide

M

michaelg11604920

Participating Frequently

I double checked that this is still commented out.

#!/CFIDE* = cfusion

J

jarviswabiAuthor

Inspiring

I should follow up here and say that I discovered I could still access the CF Admin from my workstation (or wherever) by simply adding port 8500 to the URL (http://myhost.mydomain.com:8500/cfide/administrator), and a similar fix works for RDS in both VS Code and Homesite+. So that resolves my issue of not being able to access it without a Remote Desktop session, and leaves my question as just a point of curiosity - as we upgrade our other CF servers (all internal, not exposed to the internet), will I need to do the same thing? Is port 80 forever blocked from carrying CFIDE traffic?

Priyank Shrivastava.

Correct answer

Community Manager

@jarviswabi You are right, this is an intended change due to a recent security issue. We are not allowing users to access CF admin via WebServer(IIS/Apache). I hope this answers your question.

Thanks, Priyank Shrivastava

The requested URL was not found on this server!

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded