Thank you very much to everybody for your responses. Not knowing the setup was called "distributed mode" I had a hard time searching for the answer :-)
> It is not an unheard of idea in security. Just expose you web server > with almost nothing on it to the wild word web, keep your application > server locked as best as you can behind firewalls and other security > measures. This makes sense and I have no problem with the idea of separating the app server from the web server. I've just never heard of anybody doing it with ColdFusion, specifically, for security reasons. So I was wondering whether there's any actual security advantage to doing this or whether it's just "corporate policy" being applied with a heavy hand. Regarding using distributed mode vs. a reverse proxy, the servers at hand are already set up and configured. The guy who originally did the work is out of the picture and I have to support it now, but had never seen this configuration. I keep saying to the client "I have no idea how this works" but figured it was time to get a clue. Maybe a reverse proxy would work in this situation, but IIS is serving the ColdFusion content, so it's not being redirected by a reverse proxy or load balancer as far as I can tell. Also the network people would likely know about this scenario. They need a small bit of code now to run ON the web server and want it written in ColdFusion, which will entail running another instance of ColdFusion actually on the web server to handle just this code. I guess that will have to run on another port, so they'll now have ColdFusion on their app server running their app, plus ColdFusion on their web server running just a little proxy connector. This is why I'm asking about actual security concerns with running the app server on the web server, as this is what they'll now be doing, against their policy, but I guess it's OK as they'll be running their actual app on their app server behind their firewall ... I'm sure you can see why I'm trying to get to the bottom of why they're doing that they're doing... Thanks again, - Andrew. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:316529 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
