Highlighted

Restricting access to CF Admin

Community Beginner ,
Apr 11, 2018

Copy link to clipboard

Copied

Based on the following article ( ColdFusion Help | Administer ColdFusion security ), I set the allowed IP as it stated for all 10.x.x.x addresses.

To add IP addresses that must be allowed access:

  1. Go to Security > Allowed IP Addresses > Add/Remove IP Addresses which will have Administrator access.
  2. In the IP Address text box, specify the IP addresses.
  3. Click Add.
  4. Repeat the procedures to add more IP addresses.
    Regular expressions are supported. That is, if you specify 10...*, all IP addresses starting with 10. are allowed access.

That is, I literally added 10...* as the allowed IPs, and wouldn't you know I locked out getting to CF admin from anywhere. I have tried from several 10.x.x.x addresses, and from the server itself (also 10.x.x.x) and for grins from a non 10.x.x.x address.

I get either:

Diagnostic Information:

You tried to access the ColdFusion Administrator or other internal components from a disallowed IP address (70.x.x.x). These ColdFusion components can only be accessed from localhost and other allowed IP addresses.

The error occurred on line -1.

or

Diagnostic Information:

You tried to access the ColdFusion Administrator or other internal components from a disallowed IP address (10.x.x.x). These ColdFusion components can only be accessed from localhost and other allowed IP addresses.

The error occurred on line -1.

Any thoughts or suggestions of how I can undo this without being able to get to the page to undo it?

And this is in our test environment.

Adobe Community Professional
Correct answer by Dave Watts | Adobe Community Professional

My guess is that this is saved in the neo-security.xml file, and you can go in there and remove it manually. Once you do that, I would recommend you add these two addresses:

127.0.0.1

10.*

I think the instructions have a bit of a typo in them.

Dave Watts, Fig Leaf Software

Views

1.2K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Restricting access to CF Admin

Community Beginner ,
Apr 11, 2018

Copy link to clipboard

Copied

Based on the following article ( ColdFusion Help | Administer ColdFusion security ), I set the allowed IP as it stated for all 10.x.x.x addresses.

To add IP addresses that must be allowed access:

  1. Go to Security > Allowed IP Addresses > Add/Remove IP Addresses which will have Administrator access.
  2. In the IP Address text box, specify the IP addresses.
  3. Click Add.
  4. Repeat the procedures to add more IP addresses.
    Regular expressions are supported. That is, if you specify 10...*, all IP addresses starting with 10. are allowed access.

That is, I literally added 10...* as the allowed IPs, and wouldn't you know I locked out getting to CF admin from anywhere. I have tried from several 10.x.x.x addresses, and from the server itself (also 10.x.x.x) and for grins from a non 10.x.x.x address.

I get either:

Diagnostic Information:

You tried to access the ColdFusion Administrator or other internal components from a disallowed IP address (70.x.x.x). These ColdFusion components can only be accessed from localhost and other allowed IP addresses.

The error occurred on line -1.

or

Diagnostic Information:

You tried to access the ColdFusion Administrator or other internal components from a disallowed IP address (10.x.x.x). These ColdFusion components can only be accessed from localhost and other allowed IP addresses.

The error occurred on line -1.

Any thoughts or suggestions of how I can undo this without being able to get to the page to undo it?

And this is in our test environment.

Adobe Community Professional
Correct answer by Dave Watts | Adobe Community Professional

My guess is that this is saved in the neo-security.xml file, and you can go in there and remove it manually. Once you do that, I would recommend you add these two addresses:

127.0.0.1

10.*

I think the instructions have a bit of a typo in them.

Dave Watts, Fig Leaf Software

Views

1.2K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Apr 11, 2018 0
Adobe Community Professional ,
Apr 11, 2018

Copy link to clipboard

Copied

My guess is that this is saved in the neo-security.xml file, and you can go in there and remove it manually. Once you do that, I would recommend you add these two addresses:

127.0.0.1

10.*

I think the instructions have a bit of a typo in them.

Dave Watts, Fig Leaf Software

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Apr 11, 2018 0
Community Beginner ,
Apr 12, 2018

Copy link to clipboard

Copied

Thanks Dave! I knew there was a config file somewhere. Obviously CF Admin is not my bread and butter. SO I was able to remove the IP I had added based on the technote, but two things as a takeaway....

  1. Don't add 127.0.0.1 first
  2. Add 10.*.*.* for the 10 scope, you cannot add 10.*, you get an error, and the 10...* in the technote does not work right.

So my list now works and looks like so:

Allowed IP Addresses for accessing ColdFusion Administrator and ColdFusion Internal Directories

10.*.*.*

127.0.0.1

Thanks for the assist, saved the day.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Apr 12, 2018 1