System information
Adobe documentation - Confidential
Security > Administrator
Setting
Default
Recommendation
Description
ColdFusion
Administration
Authentication
Separate user
name and
password
authentication
Separate user
name and
password
authentication
Using separate usernames and
passwords allows you to specify
which parts of the ColdFusion
administrator each user may use.
Password Seed
Generate a
Cryptographically
Secure Random
Value
The password seed is used to
generate an encryption key to
encrypt passwords for datasources,
and other services.
Security > RDS
Setting
Default
Recommendation
Description
Enable RDS
Unchecked
Unchecked
RDS should not be enabled on
production server.
If RDS was previously enabled
ensure that the /WEB-INF/web.xml
does not contain a ServletMapping
for the RDSServlet.
Security > Sandbox Security
Setting
Default
Recommendation
Description
Enable ColdFusion
Sandbox Security
Unchecked
Checked
Sandboxes allow you to lock down
which CFML source files have access
the file system, tag / function
execution, datasource access, and
network access. It is highly
recommended that you setup a
sandbox or multiple sandboxes for
your applications.
Security > User Manager
Add user accounts for each administrator.
Adobe documentation - Confidential