System information
Adobe documentation - Confidential
URI
Purpose
Safe to Block
/flex2gateway
Flex Remoting
Only if Flex Remoting is not
used.
/cfform-internal
Used for <cfform
format=flash>
Only if Flash Forms are not
used.
/flex-internal
Flex Remoting
Only if Flex Remoting is not
used.
/cffileservlet
Serves dynamically generated
assets. It supports the cfreport,
cfpresentation, cfchart, and
cfimage
(with action=captcha and
action=writeToBrowser) tags
Only if cfreport,
cfpresentation, cfchart and
cfimage are not used.
/rest/
Used for Rest web services
support.
Only if CF10 REST web
services are not used.
/WSRPProducer
Web Services Endpoint for
WSRP.
Usually, unless WSRP is used.
.svn
If you use subversion to
deploy your ColdFusion
applications you can block
the .svn folders, which may
allow source code disclosure.
Yes
Adobe documentation - Confidential