System information
Adobe documentation - Confidential
<Context path="/"
docBase="/opt/cf11/cfusion/wwwroot"
WorkDir="/opt/cf11/cfusion/runtime/conf/Catalina/localhost/tmp"
aliases="/cfide-scripts=/opt/cf11/cfusion/wwwroot/CFIDE/scripts" />
Next you must specify the URI alias you used in the ColdFusion administrator under the Default ScriptSrc
Directory on the Server Settings > Settings Page.
Lock Down CFIDE and other URIs
First lets tell apache to deny all requests to /CFIDE except those from 127.0.0.1 (or some other
administrator IP address).
<LocationMatch "(?i).*/CFIDE">
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</LocationMatch>
To block a URI for all IPs (including 127.0.0.1) you can use the RedirectMatch directive to instruct
Apache to return a 404 or 403 error page, for example the following uris may never need to be
accessed:
RedirectMatch 404 (?i).*/CFIDE/adminapi.*
RedirectMatch 404 (?i).*/CFIDE/appdeployment.*
RedirectMatch 404 (?i).*/CFIDE/componentutils.*
RedirectMatch 404 (?i).*/CFIDE/wizards.*
RedirectMatch 404 (?i).*/CFIDE/scripts.*
RedirectMatch 404 (?i).*/CFIDE/debug.*
RedirectMatch 404 (?i).*/CFIDE/probe.*
RedirectMatch 404 (?i).*/CFIDE/main.*
Repeat the above steps for any other URIs within /CFIDE that you need to allow public access to. See
Table 2.1 for a list of URIs under /CFIDE that you may want to allow. Ensure that any URI you want to
allow public access to does not match one of the RedirectMatch patterns above.
There are several additional URIs that ColdFusion serves outside of /CFIDE by default. See Table 2.2 to
determine which URIs you may be able to block.
RedirectMatch 404 (?i).*/WEB-INF.*
RedirectMatch 404 (?i).*/cfformgateway.*
RedirectMatch 404 (?i).*/flex2gateway.*
RedirectMatch 404 (?i).*/cfform-internal.*
RedirectMatch 404 (?i).*/flex-internal.*
RedirectMatch 404 (?i).*/cffileservlet.*
RedirectMatch 404 (?i).*/flashservices.*
RedirectMatch 404 (?i).*/JSDebugServlet
RedirectMatch 404 (?i).*/rest/.*
Adobe documentation - Confidential