Cannot access CFIDE via IIS

Report · Jan 09, 2017

The organization I work with has locked down the server so you cannot use a browser on it at all and locked down the browsers on all machines so you cannot include a port number in your http request. Until CF11/2016, this was not a problem as I just mapped a virtual directory to CFIDE and could access the administrator there. Since CF11, I have not been able to map to cfide/administrator. When I try I just get an error 500. Does anyone know a work-around so I can still map the CFIDE to get to the administrator's console?

Report · Jan 09, 2017

Donald, I'm running out the door so can offer only a brief answer.

It is only CF2016 which prevents using eh Admin via the external web serer (IIS in your case). CF11 does not prevent it.

If you came from CF9 or earlier to CF11, note that as of CF10, the CFIDE folder that the virtual directory (in IIIS) must point to is in the coldfusion11\cfusion\wwwroot\CFIDE, rather than in perhaps some other location you'd used before like inetpub\wwwroot\CFIDE.

What's happening when you define or confirm a CFIDE VD is defined, and you browse that way? If you're getting an error, there may be some other explanation.

For instance, you say you locked things down. Did you use the IIS "request filter" feature to block CFIDE/administrator access? You would then want to remove that feature in the site where you DO want to allow Admin access.

Finally, you could also enabled the built-in web server in CF, and then access the CF admin via the 8500 port, by default. You may find that even works.

I'm afraid I can't offer details on how to do all these things, but I hope they may get you going. Do let us know. Perhaps others can elaborate on any more you'll need, as I may not be on again for 24 hours or more.

/Charlie (troubleshooter, carehart.org)

Report · Jan 10, 2017

Charlie,

Thanks for the response, but I am not locking down anything with request filters, the organization I am on contract with has locked down the client workstations with GPO settings that will not let them browse to any address that has a port number in it. Similar GPO settings on the server prevent it from browsing to any address, including the local machine. I did some more experimenting and I may have found the solution yesterday. I set up a new site I called cfAdministration pointing the default site (inetpub\wwwroot) then I mapped a virtual directory I called cfroot to the CF2016 root instance's cfusion\wwwroot and one I called cfide to the cfusion\wwroot\cfide. I then created a URL pointing to cfAdministration and I can now administer it like I did with CF9 and CF10. This was all done on our development network. It may be a few weeks before I can test it on the production network, but theoretically it should work.

Report · Jan 11, 2017

Thanks for the update. It sounds like simply creating a site with a CFIDE mapping should have done it for you. I thought you said that was not working, thus my other suggestions. Oh well, glad you got it working.

/Charlie (troubleshooter, carehart.org)

Adobe Community

Cannot access CFIDE via IIS