System information
Adobe documentation - Confidential
Add IP Restrictions to /CFIDE
In IIS expand the ColdFusion Administrator site you created and select the CFIDE folder. Click on Edit
Feature Settings… and specify Access for unspecified clients: Deny, and Deny Action Type: Not Found
Click Add Allow Entry… and enter IP addresses that are allowed to access /CFIDE for example 127.0.0.1.
Next, if you use any of the tags listed in section 2.16, browse to the /CFIDE/scripts folder in IIS and
specify Access for unspecified clients: Allow.
Set Access for unspecified clients: to Allow for any other sub folders that may require public access.
Remove the /CFIDE Virtual Directories
The ColdFusion Web Server Configuration Tool adds a /CFIDE virtual directory to each website that is
configured, in most cases you will not need this defined on every web site.
If your server has a lot of sites configured it can be tedious to remove each manually, you can use
appcmd.exe to remove all CFIDE virtual directories by running this following:
appcmd list vdir /path:"/CFIDE" -xml | appcmd delete vdir -in
You will then need to add the /CFIDE alias back to your ColdFusion administrator site.
Update the JVM to the latest supported version
The Java Virtual Machine (JVM) included with the ColdFusion installer may not contain the latest java
security hotfixes. You must periodically check with Oracle for JVM security hotfixes.
Visit
java.oracle.com and download the latest Java Runtime Environment (JRE) supported by
ColdFusion 11.
Adobe documentation - Confidential