System information
Adobe documentation - Confidential
Setting
Default
Recommendation
Description
Enable WebSocket
Service
Unchecked
Unchecked if not
needed.
Disable the WebSocket Service if not
required by your applications.
Data & Services > Data Sources
Remove the example data sources, cfartgallery, cfbookclub, cfcodeexplorer, cfdocexamples.
Setting
Default
Recommendation
Description
Login Timeout (sec)
30 Seconds
5 Seconds
Decrease this value to be less than
the Timeout Requests after setting.
Query Timeout
(seconds)
0 (no timeout)
Specified
Specify an upper limit to mitigate
DOS attacks.
Allowed SQL
SELECT,
INSERT,
UPDATE ,
DELETE,
CREATE, DROP,
ALTER, GRANT,
REVOKE, Stored
Procedures
Enable only what
your application
requires.
The CREATE, DROP, ALTER,
GRANT, and REVOKE operations
are not commonly used in web
applications.
Ensure that the database user that
ColdFusion connects as, also has
limited permissions to only what is
necessary.
Data & Services > ColdFusion Collections
Remove the example collection: bookclub.
Data & Services > Flex Integration
Setting
Default
Recommendation
Description
Enable Flash
Remoting support
Checked
Unchecked if not
used.
Disable Flash Remoting if it is not
being used. Note Flash Remoting is
used by the Server Monitoring
feature in the Enterprise edition.
Enable RMI over SSL
for Data
Management
Unchecked
Checked if using
LiveCycle Data
Services ES
Enable and specify a keystore and
password if using LiveCycle Data
Services ES with Flex.
Adobe documentation - Confidential