Skip to main content
E
ebcohen
Inspiring
October 2, 2022
Answered

CF2021 Lockdown Failure

  • October 2, 2022
  • 2 replies
  • 642 views

Is there a way to undo the ColdFusion 2021 lockdown tool?

I was following the lockdown guide and did skip one step (Setting up a separate drive to host my website files) which may be the cause of my problems: After running the lock down software for ColdFusion 2021, I can only partially access my IIS-based sites by using 127.0.0.1, and that is only partially. Otherwise, I am hitting server errors such as:

"The requested page cannot be accessed because the related configuration data for the page is invalid.  Cannot add duplicate collection entry of type 'add' with unique key attribute 'url' set to '/jakarta/isapi_redirect.dll'"

I am sure it is some sort of file permissions error, but I have no idea where to start to restore my site.

Thank you

    This topic has been closed for replies.
    Correct answer Charlie Arehart

    I think I have only good news for you. First, you may not need to uninstall. Also, I doubt the error is a permission issue.

     

    As for the error, that's an indication that some iis config element (xml) being set at the site level is already defined at the server level. There should be more detail in the error message page than what you quoted, indicating the file (perhaps web.config) and its path, as well as the line number.

     

    If not, look for a web.config file in the root of the failing site, and look for some element referring to that isapi_redirect.dll, and especially a url attribute, as indicated in the error.  Comment out that element (using html/xml rather than cfml comments), save the file, and repeat your request. You may see a new error, but there are not many such xml elements for cf. 

     

    Second as for the lockdown tool:

    • Yes, there is an uninstall for the autolockdown tool. It would have ben implemented with the installation, and should be available in an uninstall folder under the tool's folder.
    • There is also a log for the tasks performed, found under a lockdown folder with the cf folder
    • For more on the above, see two key Adobe resources on the tool, the docs and an Adobe blog post.

     

    Let us know how things go. (I can help directly if interested, but clearly I'm also happy to help for free here.) 

    2 replies

    E
    ebcohenAuthor
    Inspiring
    October 2, 2022

    Thank you so very much, Charlie. Your help is so on point, and on a Sunday. Do you have a tip jar or something?

    I couldn't seem to fix that problem, so I did uninstall the lockdown and it got me back to a working state.

    Charlie Arehart
    Community Expert
    Charlie ArehartCommunity Expert
    Community Expert
    October 3, 2022

    Thanks for the kind regards. No tip jar, pe se, but I do have a link to my Amazon wish list on my blog. 🙂  Of course, we're all here to help each other. And as for it being Sunday, I happen to be in Vegas for the CF Summit starting tomorrow, and I was at my computer when you posted your challenge.

     

    Bummer you weren't able to solve it before uninstalling, but I sense you feel the info may still help you going forward, and of course I hope it may help others who find this thread. 

    /Charlie (troubleshooter, carehart. org)
    Charlie Arehart
    Community Expert
    Charlie ArehartCommunity Expert
    Community Expert
    October 3, 2022

    No, I have not re-run the lockdown tool. The conditions that I ran it under previously are really the same, so I wouldn't expect different results. I think I'll need to do the changes manually.


    Oh, well, you certainly SHOULD be able to run it and have no problem. If you have a problem, it should be reported to Adobe and should be able to be fixed until they do. And note that the tool takes note of what it changes (and makes backups of some things) that it can restore on uninstall. 

     

    But I gather you're "once burnt, twice shy". So if you'll resort to manual lockdown, I understand. Sadly, the lockdown guide since cf2018 has been rewritten to presume one DOES use the lockdown tool. 

    /Charlie (troubleshooter, carehart. org)
    Charlie Arehart
    Community Expert
    Charlie ArehartCommunity ExpertCorrect answer
    Community Expert
    October 2, 2022

    I think I have only good news for you. First, you may not need to uninstall. Also, I doubt the error is a permission issue.

     

    As for the error, that's an indication that some iis config element (xml) being set at the site level is already defined at the server level. There should be more detail in the error message page than what you quoted, indicating the file (perhaps web.config) and its path, as well as the line number.

     

    If not, look for a web.config file in the root of the failing site, and look for some element referring to that isapi_redirect.dll, and especially a url attribute, as indicated in the error.  Comment out that element (using html/xml rather than cfml comments), save the file, and repeat your request. You may see a new error, but there are not many such xml elements for cf. 

     

    Second as for the lockdown tool:

    • Yes, there is an uninstall for the autolockdown tool. It would have ben implemented with the installation, and should be available in an uninstall folder under the tool's folder.
    • There is also a log for the tasks performed, found under a lockdown folder with the cf folder
    • For more on the above, see two key Adobe resources on the tool, the docs and an Adobe blog post.

     

    Let us know how things go. (I can help directly if interested, but clearly I'm also happy to help for free here.) 

    /Charlie (troubleshooter, carehart. org)
    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices