>>>Being stuck on CF 7, does anyone know if locking down the CF administrator pages via Windows authentication is sufficient? (Versus the alternative of ... ?)
As a related question, If I wanted to restrict access to the CF Admin would .htaccess on Centos Linux/Apache be sufficient? Or should I put other measures in place? If so, what other security measures would you all recommend. As always, many TIA, G? On Thu, Aug 12, 2010 at 2:44 PM, James Skemp <[email protected]> wrote: > > Secunia advisory: http://secunia.com/advisories/40909/ > > Being stuck on CF 7, does anyone know if locking down the CF administrator > pages via Windows authentication is sufficient? (Versus the alternative of > ... ?) > > Thanks, > > ~James > > > >I believe it addresses a potential vulnerability in ColdFusion > >Administrator. > > > >--- Ben > > > > > >They don't say what the vulnerability is but... > >http://www.adobe.com/support/security/bulletins/apsb10-18.html > > > > > >-- > >Michael Dinowitz > >Lead Author - Adobe Coldfusion Anthology > > > http://www.amazon.com/Adobe-Coldfusion-Anthology-Michael-Dinowitz/dp/1430272 > >155/?tag=houseoffusion > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology-Michael-Dinowitz/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:336246 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
