There's a lot of functionality in cfide.componentutils.cfcexplorer as well as service factory. They are great resources for developers but was not sure of what controls are in place to manage access in a hosted, shared, or production environment.
Is there a way to look at an IP address and determine if the IP is public or private? This is working with the assumption that dev and stage zones would not be publicly accessible. Tom -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Barney Boisvert Sent: Thursday, August 11, 2005 2:44 PM To: [email protected] Subject: Re: [CFCDev] cfcexplorer Be careful, because CFFORM uses the scripts inside /CFIDE/scripts, so you can't just hide the whole directory. But the admin and stuff definitely shouldn't be web accessible. At the very least, set up a different vhost on the same IP where you get to it, but better to run it on an entirely different site with all the access control you can muster. cheers, barneyb On 8/11/05, Munson, Jacob <[EMAIL PROTECTED]> wrote: > I have read 'best practices' somewhere that stated you should not have > the CFIDE open to /anyone/ on a public site. I guess you can't just > move it, because a lot of CF functionality relies on the stuff being > there, but you can and should use your web server to hide it from the > outside world. If you need your hosting customers to have access to the > CF admin panels (which live under CFIDE), you can give them access to > the functions they need using the admin api, and put your files in a > public location. -- Barney Boisvert [EMAIL PROTECTED] 360.319.6145 http://www.barneyb.com/ Got Gmail? I have 50 invites. ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [email protected] with the words 'unsubscribe cfcdev' as the subject of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting (www.cfxhosting.com). CFCDev is supported by New Atlanta, makers of BlueDragon http://www.newatlanta.com/products/bluedragon/index.cfm An archive of the CFCDev list is available at www.mail-archive.com/[email protected] ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [email protected] with the words 'unsubscribe cfcdev' as the subject of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting (www.cfxhosting.com). CFCDev is supported by New Atlanta, makers of BlueDragon http://www.newatlanta.com/products/bluedragon/index.cfm An archive of the CFCDev list is available at www.mail-archive.com/[email protected]
