FYI, you can move/copy the js files out of cfide and configure CF to
reference them from the new location.
See http://kb2.adobe.com/cps/000/3e56e2e5.html, and probably other docs
too.
To answer your original question, I lock down the IP addresses that can
access /cfide to prevent anyone from outside of the company from hitting
any of those pages.
Thanks
Mark
-----Original Message-----
From: Robert Rawlins [mailto:[email protected]]
Sent: Tuesday, May 26, 2009 12:18 PM
To: cf-talk
Subject: Secure CFIDE Virtual Directory
Hello Guys,
Looking for your advice on the best way to create a secure IIS virtual
directory to /CFIDE. My understanding is that certain folders within
that need to web accessible for cfchart,cfform,cfdocument to work, is
that correct? However I don't want to expose my /cfide/administrator and
/cfide/adminapi to the wide world :-) or anything else which might post
a security risk for that matter.
What is the best way of doing this? I'm thinking about creating a copy
of the CFIDE folder and calling it SecureCFIDE (or something to that
effect), it contains only the required elements and not the admin panel
etc, then creating a Virtual Directory link to that in the IIS sites
that require it, does that sound like a fair idea? Which files are
required?
Cheers all,
Rob
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Want to reach the ColdFusion community with something they want? Let them know
on the House of Fusion mailing lists
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:322788
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
