cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

Locking down a Coldfusion instance admin page

JimGilley
New Here ,
Jul 22, 2009 Jul 22, 2009

I am have been looking around and cannot find the answer anywhere.  I have a web site running on a coldfusion instance, which now has become a problem because you can reach the admin page (www.domain.com/cfide/administrator/index.cfm) which is causing a security issue.

Obviously we have changed the default passwords for all the default accounts but we need to hide this page from outside viewers.  Since this is the way into the administrator for that instance how do I lock this down?

965
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

JR__Bob__Dobbs-qSBHQ2
Advisor , Jul 22, 2009 Jul 22, 2009

You have two options

1. Use the security provided by your web server (Apache or IIS) to restrict access to the admin site.

2. Remove the admin pages from your production web server.

See this article from Adobe.

http://kb2.adobe.com/cps/172/tn_17254.html

Translate
replies 3 Replies 3
latest latest Jump to latest reply
JR__Bob__Dobbs-qSBHQ2
Advisor ,
Jul 22, 2009 Jul 22, 2009

You have two options

1. Use the security provided by your web server (Apache or IIS) to restrict access to the admin site.

2. Remove the admin pages from your production web server.

See this article from Adobe.

http://kb2.adobe.com/cps/172/tn_17254.html

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
JimGilley
New Here ,
Jul 22, 2009 Jul 22, 2009
LATEST
In Response To JR__Bob__Dobbs-qSBHQ2

I had tried locking it down through IIS but that did not work at first.  So when I recieved your message I tried again by creating a virtual directory and pointing it to the actual folder this time (instead of the fake empty one before) and then locking that down and that worked.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
ilssac
Valorous Hero ,
Jul 22, 2009 Jul 22, 2009

A slight variation that is a combonation of the previous two suggestions.

On our production server we installed the CFIDE instance into a private virtural host that can only be accessed from a limited white list of IP address.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Open in a new window
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices