Adobe 38043740 Lockdown Guide - Page 31
AuthType Digest, AuthName cfadmins
 |
UPC - 883919135168
View all Adobe 38043740 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 31 highlights
SSLRequireSSL The above requires that mod_ssl and openssl are installed and configured. Finally lets require authentication for the /CFIDE/administrator URI, this will allow you to audit which administrators have made changes to the administrator settings. In this example we use Digest authentication, which requires a modern web browser (IE 6 and below may not work correctly) and mod_auth_digest installed on the server side. First we need to create a password file: # /usr/bin/htdigest -c /etc/httpd/cfadmin.digest.pwd cfadmins petefreitag The above command will create or overwrite password file in the specified location, and create a user named petefreitag in group cfadmins. To add more users omit the -c flag. Next lets specify permissions such that only root can write to this file, and apache can only read it: # chown root:apache /etc/httpd/cfadmin.digest.pwd # chmod 640 /etc/httpd/cfadmin.digest.pwd Now add the following to the httpd.conf file: AuthType Digest AuthName "cfadmins" AuthDigestProvider file AuthUserFile /etc/httpd/cfadmin.digest.pwd Require valid-user Restart Apache and visit https://localhost/CFIDE/administrator/ and ensure that you are prompted with a password, and that SSL is required. At this point since ColdFusion is not installed it should result in a 404 if authentication is successful. 31
-
1 -
2
-
3
-
4
-
5
-
6
-
7
-
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
24
-
25
-
26 -
27 -
28 -
29 -
30 -
31 -
32 -
33 -
34 -
35 -
36 -
37
-
38
-
39
-
40
-
41
-
42
-
43
-
44
-
45
-
46
-
47
-
48
-
49
-
50
-
51
-
52
-
53
-
54
-
55
-
56
-
57
-
58
-
59
-
60
-
61
-
62
-
63
-
64
-
65
-
66
-
67
-
68
-
69
-
70
-
71
-
72
-
73
-
74
-
75
-
76
-
77
-
78
-
79
-
80
-
81
-
82
-
83
-
84
-
85
-
86
-
87
 |
 |
