Adobe Cold Fusion 10.0 Lockdown Guide Cf10 Lg Eng
User Manual: adobe ColdFusion - 10.0 - Lockdown Guide Free User Guide for Adobe ColdFusion Software, Manual
Open the PDF directly: View PDF
Page Count: 58
- Section 1: Introduction
- Section 2: Installation Prerequisites
- 2.1 Prerequisites for all ColdFusion installations
- 2.2 Prerequisites for a Windows 2008 Server Installation
- 2.2.1 Create Dedicated User Accounts
- 2.2.2 Create Web Root Directory
- 2.2.3 Grant the Permission to Web Site Root Directories
- 2.2.4 Add / Remove IIS Server Roles
- 2.2.5 Delete Default IIS Web Site
- 2.2.6 IIS Application Pool Settings
- 2.2.7 Anonymous Access Identity
- 2.2.8 Setup Request Filtering
- 2.2.9 Create a Website For ColdFusion Administrator
- 2.3 Prerequisites for a RedHat Enterprise Linux 6.3 Installation
- Section 3 Installing ColdFusion
- Section 4 Post ColdFusion Installation
- 4.1 Windows 2008 Post ColdFusion Installation
- 4.1.1 Install ColdFusion Hotfixes
- 4.1.2 Setup Permissions on ColdFusion installation directory
- 4.1.3 Specify Log On User for ColdFusion Services
- 4.1.4 Remove /CFIDE and /cfdocs virtual directories added by installer
- 4.1.5 Setup Virtual Directory alias for /CFIDE/scripts/
- 4.1.6 Update Java Virtual Machine
- 4.1.7 Block Unused file types
- 4.1.8 Remove Unused Handler Mappings
- 4.1.9 Handler Mapping Settings
- 4.1.10 Optionally Remove ASP.NET
- 4.2.1 Install ColdFusion Hotfixes / Updates
- 4.2.2 Specify permissions on web sites
- 4.2.3: Specify permissions for ColdFusion Directories
- 4.2.4: Install Apache Connector
- 4.2.5 Create a virtual mapping for /CFIDE/scripts
- 4.2.6 Update Java Virtual Machine
- 4.2.7 Setup Auditing
- 4.2.8 Add umask to startup script
- 4.3.1 Enable Sandbox Security
- 4.3.2 Remove Tomcat Web Server on cfusion instance
- 4.3.3 Apply any ColdFusion additional Security Patches
- 4.3.4 Tomcat Shutdown Port
- 4.3.5 Add a connector shared secret
- 4.3.6 Additional Tomcat Security Considerations
- 4.3.7 Additional File Security Considerations
- 4.1 Windows 2008 Post ColdFusion Installation
- Section 5: ColdFusion Administrator Settings
- 5.1 Server Settings > Settings
- 5.2 Server Settings > Request Tuning
- 5.3 Server Settings > Client Variables
- 5.4 Server Settings > Memory Variables
- 5.5 Server Settings > Mail
- 5.6 Data & Services > Data Sources
- 5.7 Data & Services > Flex Integration
- 5.8 Debugging & Logging > Debug Output Settings
- 5.9 Debugging & Logging > Debugger Settings
- 5.10 Debugging & Logging > Logging Settings
- 5.11 Event Gateways > Settings
- 5.12 Security > Administrator
- 5.13 Security > RDS
- 5.14 Security > Sandbox Security
- 5.15 Security > Allowed IP Addresses
- 5.16 Server Update > Updates > Settings
- Section 6: ColdFusion Server Services
- 6.1 Servlets and Servlet Mappings in web.xml
- 6.2 Disabling RDS if Already Installed
- 6.3 Disabling support for JWS files
- 6.4 Disabling the GraphServlet
- 6.5 Disabling Flash Remoting Servlet Mappings
- 6.6 Disabling Flash Form Servlet Mappings
- 6.7 Disabling the CFReport Servlet Mapping
- 6.8 Remove WSRP Servlet Mapping
- 6.9 Disabling the CFFileServlet Mapping
- 6.10 Disabling Remote CFC Invocation
- 6.11 Adding ClickJacking Protection
- 6.12 Security Constraints in web.xml
- Section 7: Patch Management Procedures
- Appendex A: Sources of Information
- Appendix B: List of Acronyms