Adobe® ColdFusion® 10 Server Lockdown Guide
Section 2: Installation Prerequisites
Before running the ColdFusion 10 installer, follow the steps in this section to prepare your Web Server for installation.
2.1 Prerequisites for all ColdFusion installations
Create a separate partition / drive for the ColdFusion installation and website assets. This reduces the likelihood that path traversal attacks succeed.
Install the latest security patches for your Operating System.
Install the latest security patches for your Web Server Software.
Configure your Firewall to block all non-administrative traffic to the server during installation.
Download ColdFusion 10 from Adobe.com.
Verify that the MD5 checksum of the downloaded file matches the MD5 specified on the Adobe.com download page.
On Mac OSX:
To obtain the MD5 checksum of a file on Mac OSX, launch Terminal.app and type: md5 filename
On Linux:
To obtain the MD5 checksum of a file on RedHat Enterprise Linux, open a shell and type: md5sum filename
On Windows:
Windows installations do not include an MD5 checksum verifier by default. Microsoft provides a free MD5 checksum verifier called sigcheck.exe as part of the SysInternals toolkit. Download the utility, open the command prompt and type: sigcheck -h filename. The sigcheck utility not only generates an MD5 sum, it also verifies the signature of the ColdFusion installation executable (you should see Verified: Signed in the program output).
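The Mac OSX and Linux checks above can be combined into one script that also compares the result against the value published on the download page, so a mismatch stops the installation instead of relying on a visual comparison. This is an added example, not part of Adobe's guide; the function names md5_of and verify_md5 and the script name are assumptions.

```shell
#!/bin/sh
# Usage (hypothetical script name): sh verify_md5.sh <installer-file> <md5-from-download-page>

# Print the lowercase MD5 hex digest of a file with whichever tool is present.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum < "$1" | awk '{print $1}'   # Linux: md5sum
    elif command -v md5 >/dev/null 2>&1; then
        md5 -q "$1"                        # Mac OSX: md5 (-q prints only the digest)
    else
        echo "no md5 or md5sum command found" >&2
        return 2
    fi
}

# verify_md5 FILE EXPECTED
# Returns 0 on match, 1 on mismatch, 2 on bad input or missing tool.
verify_md5() {
    file=$1
    # Normalise the pasted value: strip whitespace, fold to lowercase.
    expected=$(printf '%s' "$2" | tr -d '[:space:]' | tr 'A-F' 'a-f')
    [ -f "$file" ] || { echo "not a regular file: $file" >&2; return 2; }
    # A truncated or mistyped checksum is reported as bad input, not as a mismatch.
    case $expected in
        *[!0-9a-f]*|"") echo "expected value is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 32 ] || { echo "expected value is not 32 hex digits" >&2; return 2; }
    actual=$(md5_of "$file") || return 2
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file"
        return 0
    fi
    echo "MISMATCH: $file" >&2
    echo "  expected $expected" >&2
    echo "  actual   $actual" >&2
    return 1
}

# Run as a script only when both arguments are supplied.
if [ "$#" -eq 2 ]; then
    verify_md5 "$1" "$2"
    exit $?
fi
```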
2.2 Prerequisites for a Windows 2008 Server Installation
Read the Microsoft Windows Security Compliance Management Toolkit (see Appendix A.1)
Run Windows Update to ensure all software is up to date