 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
| HomeDiscussion GroupsGeneralPHPASPPerlColdFusionFlashHTML, CSS, ScriptsBrowsers |
Webmaster Forum / ColdFusion / Server Administration / August 2008Limiting external access to CF Administrator
Is there a way to change the default port of CF Administrator from port 8080 to another port? I would like to prevent the ability for people outside of my local network from accessing CF Administrator. I have a new username/password but I would prefer that they cannot even access the login screen to guess what the password may be. Any help is greatly appreciated. I believe you can change it in cf_root\runtime\servers\coldfusion\SERVER-INF\jrun.xml Search for "This is the built-in JRun Web Server" and the port attribute should be right under there, it's near the bottom of the document Thank you for your quick response. I found the entry you suggested: <!-- This is the built-in JRun Web Server --> <!-- =========================================== --> <service class="jrun.servlet.http.WebService" name="WebService"> <attribute name="port">8500</attribute> <attribute name="interface">*</attribute> <attribute name="deactivated">false</attribute> <attribute name="activeHandlerThreads">50</attribute> <attribute name="minHandlerThreads">1</attribute> <attribute name="maxHandlerThreads">1000</attribute> <attribute name="mapCheck">0</attribute> <attribute name="threadWaitTimeout">300</attribute> <attribute name="backlog">500</attribute> <attribute name="timeout">300</attribute> </service> So if I change the default port of 8500 to something else than this will prevent external users from accessing the CF Admin login page? I am installing CF on Apache and am not using the built-in server. Does that make a difference? Sorry but I do not have a lot of experience configuring CF. Not sure what web server you're using but you could limit access to the cfide/administrator folder by IP address. It's a simple process in Windows Server (2003,2008). We are trying to run CF on Red Hat Linux. Would it make more sense to just move the /cfide/administrator folder elsewhere on the server? Is there any documentation that you might be able to point me to regarding either of these options? > We are trying to run CF on Red Hat Linux. Would it make more sense to just move > the /cfide/administrator folder elsewhere on the server? Is there any > documentation that you might be able to point me to regarding either of these > options? I suspect that your "external users" are not connecting to port 8500, so what you are going to change it to is irrelevant, because it is you WEB server (Apache?) that is forwarding external requests for cfm files to your CF server... Restrict access to /CFIDE/Administrator directory and subdirectories in you WEB server config... You can change that port all day long. But until you put some network rules in place, it is going to be available to anyone. You might want to consider firing up the firewall on your machine to limit who can access the port you've defined for your administrator. Generally, I remove the administrator and adminapi folders from my web server's virtual path to /cfide. However, CF will still process requests to that folder even though administrator and adminapi are gone. So I follow that up with a rewrite rule instructing the web server to send back a 404 should someone try to access it that way. |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.