How to lock down Coldfusion Securely

By | May 10, 2013

As of late, Adobe and Java have been getting pummeled with 0 day exploits leading to numerous hacks and compromised servers.  In light of this Adobe has taken the position that if you get hacked and did not follow the 60+ page guide it’s your own fault.  Well, if you’re interested in keeping CF Secure, here is the lovely guide they took the time to actually write rather than making their product less exploitable.  Fantastic!

I will say, one good thing can come of this guide.  It gives good tips for locking down your web server and everyone, whether you use CF or not, should use this.  If you have an admin interface for your application or application server, you should apply these instructions to your server.

CF10 Lockdown Guide