Adobe® ColdFusion® 10 Server Lockdown Guide
Adobe® ColdFusion® 10 Server Lockdown Guide
Adobe® ColdFusion® 10 Server Lockdown Guide
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Please note: Changing the port setting may cause the shutdown of the ColdFusion Service on Windows<br />
to fail, you may need to kill the process manually to stop ColdFusion. The Linux shutdown script<br />
should still work properly when the port is changed.<br />
4.3.5 Add a connector shared secret<br />
Specify a shared secret for the AJP connector by editing<br />
{cf.instance.home}/runtime/conf/server.xml<br />
Look for a line similar to:<br />
<br />
Add a requiredSecret attribute with a random strong password:<br />
<br />
Next edit the corresponding workers.properties file, eg<br />
{cf.home}/config/wsconfig/1/workers.properties and add a line:<br />
worker.cfusion.secret=yourSecret<br />
4.3.6 Additional Tomcat Security Considerations<br />
Consult the Tomcat 7 Security Considerations document (http://tomcat.apache.org/tomcat-7.0-doc/securityhowto.html)<br />
for additional tomcat specific security settings.<br />
4.3.7 Additional File Security Considerations<br />
Pay careful attention to the file permissions of sensitive configuration files located in<br />
{cf.instance.home}/lib/ such as password.properties, seed.properties and all neo-*.xml<br />
files. In addition the files located in {cf.instance.home}/runtime/conf/ contain important configuration<br />
files utilized by the Tomcat container.<br />
56