Copy link to clipboard
Copied
I think I've seen the answer to this alluded to in a couple other posts, but nothing explicitly stated as such. I'm installing ColdFusion 2023 Standard for the first time, and am unable to access the CF Admin except via the internal web server (http://127.0.0.1:8500/CFIDE/administrator/index.cfm on the server itself). Even after adding the Virtual Directory to the correct path in IIS and uncommenting the /CFIDE/ line in uriworkermap.properties (as I've been doing on installs since CF2018), I still cannot open my admin via a "regular" URL (http://myhost.mydomain.com/cfide/administrator), even on the server itself much less from my connected workstation. I get this message:
If you entered the URL manually please check your spelling and try again.
Tomcat/ISAPI/isapi_redirector/1.2.46
Again, I've seen references to how Adobe has made it "harder" to open access to one's CF Admin via this path, but nothing explicitly saying you CAN'T do it anymore. I know many consider it a security risk, but if it's still possible, I'd like to maintain that ease of access within our network (having to Remote Desktop to each server, wait for the desktop to load and then access the admin proves to be very inefficient).
Any definitive answers out there on this? Thanks!
I should follow up here and say that I discovered I could still access the CF Admin from my workstation (or wherever) by simply adding port 8500 to the URL (http://myhost.mydomain.com:8500/cfide/administrator), and a similar fix works for RDS in both VS Code and Homesite+. So that resolves my issue of not being able to access it without a Remote Desktop session, and leaves my question as just a point of curiosity - as we upgrade our other CF servers (all internal, not exposed to the internet),
...@jarviswabi You are right, this is an intended change due to a recent security issue. We are not allowing users to access CF admin via WebServer(IIS/Apache). I hope this answers your question.
Copy link to clipboard
Copied
I should follow up here and say that I discovered I could still access the CF Admin from my workstation (or wherever) by simply adding port 8500 to the URL (http://myhost.mydomain.com:8500/cfide/administrator), and a similar fix works for RDS in both VS Code and Homesite+. So that resolves my issue of not being able to access it without a Remote Desktop session, and leaves my question as just a point of curiosity - as we upgrade our other CF servers (all internal, not exposed to the internet), will I need to do the same thing? Is port 80 forever blocked from carrying CFIDE traffic?
Copy link to clipboard
Copied
@jarviswabi You are right, this is an intended change due to a recent security issue. We are not allowing users to access CF admin via WebServer(IIS/Apache). I hope this answers your question.