Skip to main content
A
AHTbarry
Participant
August 28, 2008
Question

Limiting external access to CF Administrator

  • August 28, 2008
  • 3 replies
  • 797 views
Is there a way to change the default port of CF Administrator from port 8080 to another port? I would like to prevent the ability for people outside of my local network from accessing CF Administrator. I have a new username/password but I would prefer that they cannot even access the login screen to guess what the password may be.

Any help is greatly appreciated.
    This topic has been closed for replies.

    3 replies

    A
    Anonymous
    August 29, 2008
    You can change that port all day long. But until you put some network rules in place, it is going to be available to anyone. You might want to consider firing up the firewall on your machine to limit who can access the port you've defined for your administrator.

    Generally, I remove the administrator and adminapi folders from my web server's virtual path to /cfide. However, CF will still process requests to that folder even though administrator and adminapi are gone. So I follow that up with a rewrite rule instructing the web server to send back a 404 should someone try to access it that way.
    A
    Anonymous
    August 28, 2008
    Not sure what web server you're using but you could limit access to the cfide/administrator folder by IP address. It's a simple process in Windows Server (2003,2008).
    A
    AHTbarryAuthor
    Participant
    August 28, 2008
    We are trying to run CF on Red Hat Linux. Would it make more sense to just move the /cfide/administrator folder elsewhere on the server? Is there any documentation that you might be able to point me to regarding either of these options?
    R
    rdhelms
    Known Participant
    August 28, 2008
    I believe you can change it in

    cf_root\runtime\servers\coldfusion\SERVER-INF\jrun.xml

    Search for "This is the built-in JRun Web Server" and the port attribute should be right under there, it's near the bottom of the document
    A
    AHTbarryAuthor
    Participant
    August 28, 2008
    Thank you for your quick response. I found the entry you suggested:

    <!-- This is the built-in JRun Web Server -->
    <!-- =========================================== -->
    <service class="jrun.servlet.http.WebService" name="WebService">
    <attribute name="port">8500</attribute>
    <attribute name="interface">*</attribute>
    <attribute name="deactivated">false</attribute>
    <attribute name="activeHandlerThreads">50</attribute>
    <attribute name="minHandlerThreads">1</attribute>
    <attribute name="maxHandlerThreads">1000</attribute>
    <attribute name="mapCheck">0</attribute>
    <attribute name="threadWaitTimeout">300</attribute>
    <attribute name="backlog">500</attribute>
    <attribute name="timeout">300</attribute>
    </service>

    So if I change the default port of 8500 to something else than this will prevent external users from accessing the CF Admin login page? I am installing CF on Apache and am not using the built-in server. Does that make a difference? Sorry but I do not have a lot of experience configuring CF.
    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices