The easy way to achieve this is to restrict the IPs to which the webserver will respond.
-----Original Message----- From: John Munyan [mailto:[EMAIL PROTECTED] Sent: Saturday, 15 January 2005 5:33 To: CF-Talk Subject: SOT: Securing CF Admin Hi, I have been searching around the internet looking for how best to secure cfadmin. The prescribed method is to either remove cfadmin, or to protect it via file level security. Is there a cf-talk best practice for this, lessons learned etc. I would certainly love to hear how others have locked this down. It would be ideal if it could be run local to the ColdFusion box, but not remotely. Any luck with such a configuration? The server itself with w2k3 iis6. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware: a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:190695 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
