This is pretty much exactly what we do for our shared servers. We take it a step further by only setting read only on most of the directories in case a customer is not in a sandbox.
Ill dig up our internal kb article tomorrow and send out over to you. Byron Mann Lead Engineer and Architect Hostmysite.com On Sep 20, 2012 7:16 PM, "Russ Michaels" <[email protected]> wrote: > > > In general just create a new user for cf service and only give it access > to your wwwroot, coldfusion, and system temp folders. > There is a lockdown guide somewhere, but i find that a biy ovrrkill. > > Regards > Russ Michaels ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352695 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
