Adobe 38000827 Administration Guide - Page 35

Security section The Security section of the Administrator lets you configure the security frameworks of ColdFusion MX. For more information on security, see Chapter 4, "Administering Security" on page 49. CF Admin Password page You use the CF Admin Password page of the Administrator to enable and disable password-restricted access to the Administrator, and to change the Administrator password. RDS Password page You use the RDS Password page to enable and disable password-restricted access to server resources from Dreamweaver MX or ColdFusion Studio using Remote Development Services (RDS), and to change the password. Sandbox Security page The Sandbox Security page has two areas-Enable ColdFusion Security and Sandbox Settings. Enable ColdFusion Security Settings area Use this area to enable ColdFusion security. Once enabled, you can secure ColdFusion in the following ways: • Administrative access Protects access to Administrator pages with a password. • Application development Protects access to data sources and files with passwords and blocks access to some sensitive ColdFusion tags. • Application deployment Prevents applications from executing several ColdFusion tags that could be used to update, delete, or manipulate server files. Sandbox Settings area Sandbox security uses the location of your ColdFusion pages to determine functionality. A sandbox is a designated area (files or directories) of your site to which you apply security restrictions. By default, a subdirectory (or child directory) inherits the sandbox settings of the directory one level above it (the parent directory). If you define sandbox settings for a subdirectory, you override the sandbox settings inherited from the parent directory. Use sandbox security to control access to: • Data sources • Tags • Functions • Files and directories • IP ports Security section 27