Along with what Rick & Rob suggested, you can also have CFIDE work via non-standard port. So you could have something like:
http://www.mysite.com:8600/cfide/administrator/index.cfm That way its not listen via port 80. Couple that with the suggestions that were given before and I think you'll be fine. Rey Steve Milburn wrote: > Hi all > > What do most people do to secure their CFIDE directory? How do you > prevent people from going to http://your_server_ip/cfide/administrator > and trying to hack your server? I've read various methods such as > moving the cfide folder, or having it only accessible by using > ColdFusions internal web server. I was hoping to get some feedback from > what others most commonly do. > > It is important, obviously, the current applications are still able to > access scripts used by cfform, and still have access to the ColdFusion > admin API. > > Thanks in advance. > --- > --- > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:270634 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
