> > That approach may work in some cases, but there are cases where > > /CFIDE/administrator/index.cfm may still resolve even if there is no > > folder there (or no virtual directory). > > You're going to have to explain how /CFIDE/administrator/index.cfm could > resolve when the CFIDE mapping is pointing to a directory that is a > duplicate CFIDE with *all* the administrator folders removed. > > I must be missing something here but how can it resolve when there is > definitely no file or folder and the mappings in CF and the web server all > point at the duplicate? Has CF got some special code that I should know > about that breaks the rules as to how web servers work? I've been working > with CF since 4.0 and never seen it serve a page that does not exist...
First, I strongly recommend you actually try to get the URL and see what happens. OK, now that you've done that: CF serves all sorts of pages that don't exist. You may read up in this very thread about CFCHART, which relies on a URL pattern that doesn't exist. CF relies on servlet mappings, which may or may not correspond with actual URLs. Typically, they do, but there are some specific URL mappings that are created by default when you install CF, and one of them is /CFIDE/Administrator/index.cfm. Another is /CFIDE/Main/ide.cfm - this is another file that doesn't even exist by default. So, you need to specifically configure your web server to reject these patterns. The CF 9 Lockdown Guide (which I believe Pete wrote in part, if not in full) describes how to do this for IIS and Apache. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, or onsite. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:354292 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
