connectionTimeout="20000"
redirectPort="8445" />
This must be repeated for each ColdFusion instance created.
4.3.3 Apply any ColdFusion additional Security Patches
Visit:
http://www.adobe.com/support/security/
and install any relevant security hotfixes not already installed.
4.3.4 Tomcat Shutdown Port
Tomcat listens on a TCP port (8007 by default, may differ if multiple instances) for a SHUTDOWN command.
When the command is received on the specified port the server will shutdown.
Edit the file {cf.instance.home}/runtime/conf/server.xml and locate the line similar to:
<Server port="8007" shutdown="SHUTDOWN">
Change 8007 to -1 to disable this feature, or to random port number. Tomcat should only listen on 127.0.0.1
for this port, however you should also ensure that your firewall does not allow external connections to this port.
Also consider changing the shutdown command, that is the value of the shutdown attribute of the Server
tag. This string is essentially a password used to shut down the server locally when the port is enabled.
Next look in: {cf.instance.home}/bin/port.properties and edit the following line to match
server.xml port value:
SHUTDOWN=8007
Ensure that global read permission is denied for both these files.
and read all pertinent ColdFusion Security Bulletins. Download
55