Adobe 38043740 - ColdFusion Standard - Mac Manual page 31

Server lockdown guide

<Location /CFIDE/administrator>
SSLRequireSSL
</Location>
The above requires that mod_ssl and openssl are installed and configured.
Finally, let's require authentication for the /CFIDE/administrator URI; this will allow you to audit which
administrators have made changes to the administrator settings. In this example we use Digest authentication,
which requires a modern web browser (IE 6 and below may not work correctly) and mod_auth_digest
installed on the server side. First we need to create a password file:
# /usr/bin/htdigest -c /etc/httpd/cfadmin.digest.pwd cfadmins petefreitag
The above command will create or overwrite the password file in the specified location, and create a user named
petefreitag in group cfadmins. To add more users, omit the -c flag.
Next, let's specify permissions such that only root can write to this file, and apache can only read it:
# chown root:apache /etc/httpd/cfadmin.digest.pwd
# chmod 640 /etc/httpd/cfadmin.digest.pwd
Now add the following to the httpd.conf file:
<Location /CFIDE/administrator>
AuthType Digest
AuthName "cfadmins"
AuthDigestProvider file
AuthUserFile /etc/httpd/cfadmin.digest.pwd
Require valid-user
</Location>
Restart Apache and visit https://localhost/CFIDE/administrator/ and ensure that you are prompted for a
password, and that SSL is required. At this point, since ColdFusion is not installed, it should result in a 404 if
authentication is successful.
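The following audit script is an added example, not part of the original guide. htdigest takes the realm as its second argument and writes entries as user:realm:MD5(user:realm:password), so the script checks that every entry's realm equals the AuthName value and that the file mode is the 640 set above. Function names are illustrative, and stat -c assumes GNU coreutils.

```shell
#!/bin/sh
# Added example: audit the digest password file created with htdigest.
# Function names are illustrative; stat -c assumes GNU coreutils (Linux).

# conf_realm CONF: print the first AuthName value in an httpd.conf fragment.
conf_realm() {
    sed -n 's/^[[:space:]]*AuthName[[:space:]]\{1,\}"\{0,1\}\([^"]*\)"\{0,1\}[[:space:]]*$/\1/p' "$1" | head -n 1
}

# check_realm FILE REALM: every entry is user:realm:MD5(user:realm:password).
# mod_auth_digest only matches entries whose realm equals AuthName.
check_realm() {
    awk -F: -v realm="$2" '
        /^[[:space:]]*$/  { next }
        NF != 3           { printf "line %d: malformed entry\n", NR; bad = 1; next }
        $2 != realm       { printf "%s: realm \"%s\" does not match \"%s\"\n", $1, $2, realm; bad = 1 }
        $3 !~ /^[0-9a-f]+$/ || length($3) != 32 { printf "%s: hash is not 32 hex digits\n", $1; bad = 1 }
        END               { exit bad + 0 }
    ' "$1"
}

# check_mode FILE: the guide sets 640 (root writes, group apache reads).
check_mode() {
    mode=$(stat -c '%a' "$1") || return 2
    [ "$mode" = "640" ] && return 0
    echo "$1: mode $mode, expected 640"
    return 1
}

# audit_digest CONF FILE: run all checks, return non-zero if any fails.
audit_digest() {
    rc=0
    realm=$(conf_realm "$1")
    [ -n "$realm" ] || { echo "$1: no AuthName found"; return 1; }
    check_realm "$2" "$realm" || rc=1
    check_mode "$2" || rc=1
    echo "owner: $(stat -c '%U:%G' "$2") (guide expects root:apache)"
    return $rc
}

# Example: sh audit.sh httpd.conf /etc/httpd/cfadmin.digest.pwd
if [ "$#" -eq 2 ]; then audit_digest "$1" "$2"; fi
```

A realm mismatch is worth checking first when a correct password is rejected, because Apache ignores entries whose realm differs from AuthName.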

This manual is also suitable for:

Coldfusion 10