Adobe 38043740 Lockdown Guide - Page 21
If you are not using cfchart and do not need access to any of the URIs below you may simply deny /CFIDE
 |
UPC - 883919135168
View all Adobe 38043740 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 21 highlights
Our strategy here is to block all URI's that do not need to be accessible to the public. Some of the resources we will block here may not pose any known threat but could be used to determine the version of ColdFusion you are running. Ideally we could block all /CFIDE, however if you use cfchart the generated graphics are rendered from /CFIDE/GraphData.cfm It is not possible using request filtering to deny the URI /CFIDE but then allow /CFIDE/GraphData.cfm for example. If you are not using cfchart and do not need access to any of the URIs below you may simply deny /CFIDE instead of listing each sub directory. 21
-
1 -
2
-
3
-
4
-
5
-
6
-
7
-
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16 -
17 -
18 -
19 -
20 -
21 -
22 -
23 -
24 -
25 -
26 -
27
-
28
-
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37
-
38
-
39
-
40
-
41
-
42
-
43
-
44
-
45
-
46
-
47
-
48
-
49
-
50
-
51
-
52
-
53
-
54
-
55
-
56
-
57
-
58
-
59
-
60
-
61
-
62
-
63
-
64
-
65
-
66
-
67
-
68
-
69
-
70
-
71
-
72
-
73
-
74
-
75
-
76
-
77
-
78
-
79
-
80
-
81
-
82
-
83
-
84
-
85
-
86
-
87
 |
 |
21
Our strategy here is to block all URI’s that do not need to be accessible to the public. Some of the resources
we will block here may not pose any known threat but could be used to determine the version of ColdFusion
you are running. Ideally we could block all /CFIDE, however if you use cfchart the generated graphics are
rendered from /CFIDE/GraphData.cfm
It is not possible using request filtering to deny the URI /CFIDE but then allow /CFIDE/GraphData.cfm for
example.
If you are not using cfchart and do not need access to any of the URIs below you may simply deny /CFIDE
instead of listing each sub directory.