Adobe 38043740 - ColdFusion Standard - Mac Manual page 79
Server lockdown guide
Hide thumbs
Also See for 38043740 - ColdFusion Standard - Mac:
- User manual (112 pages) ,
- Development manual (1350 pages)
Table of Contents
Advertisement
If you are not using the cfreport you can change the servlet mapping for *.cfr to point to the
CFForbiddenServlet, this servlet will return 403 forbidden response if a cfr file is requested:
<servlet-mapping id="coldfusion_mapping_12">
<servlet-name>CFCServlet</servlet-name>
<url-pattern>*.cfr</url-pattern>
</servlet-mapping>
Change to:
<servlet-mapping id="coldfusion_mapping_12">
<servlet-name>CFForbiddenServlet</servlet-name>
<url-pattern>*.cfr</url-pattern>
</servlet-mapping>
Be sure to remove the .cfr mapping on the web server.
6.8 Remove WSRP Servlet Mapping
The WSRP Servlets and Filters are used to support Web Services for Remote Portlets, a SOAP based API for
serving portlets. If this feature is not used the web services
Remove the WSRPFilter Servlet Mapping:
<servlet-mapping>
<servlet-name>WSRPProducer</servlet-name>
<url-pattern>/WSRPProducer/*</url-pattern>
</servlet-mapping>
6.9 Disabling the CFFileServlet Mapping
The CFFileServlet is used to serve dynamically generated assets. It is used to support the following tags
cfreport, cfpresentation, and cfimage (with action=captcha and action=writeToBrowser). If you are not using
these features you may remove the servlet mapping:
79
Advertisement
Table of Contents
Related Manuals for Adobe 38043740 - ColdFusion Standard - Mac
Related Products for Adobe 38043740 - ColdFusion Standard - Mac
- Adobe 38040334 - Dreamweaver CS3
- Adobe 38040286 - Contribute CS3 - PC
- Adobe 38040165 - Visual Communicator - PC
- Adobe 38043755 - ColdFusion Enterprise - Mac
- Adobe 38000511 - Macromedia Flash Basic
- Adobe 38039927 - Fireworks CS3 - PC
- Adobe 38039481 - Flash CS3 Professional
- Adobe 38000827 - Macromedia ColdFusion MX Standard Edition