Adobe 38043740 Lockdown Guide - Page 41

Section 4 - Post ColdFusion Installation 4.1 Windows 2008 Post ColdFusion Installation 4.1.1 Install ColdFusion Hotfixes Note: At the time of this writing you will need to install the ColdFusion 10 Mandatory Update before you can install any Hotfixes: See http://helpx.adobe.com/coldfusion/kb/coldfusion-10-mandatory-update.html Login to ColdFusion administrator and click on Server Updates > Updates and then select the latest hotfix, and click Download. Verify the integrity of the download by performing verifying the md5 checksum on the hotfix_XXX.jar file, see that it matches the value found in Adobe ColdFusion update feed: https://www.adobe.com/go/coldfusionupdates If the md5 checksum matches install the hotfix from the command prompt: java -jar {coldfusion-home}\cfusion\hf-updates\hotfix_XXX.jar Replace hotfix_XXX.jar with the filename of the hotfix jar you are installing, and follow the prompts. The installer will typically attempt to restart ColdFusion when done, you can however disable that, see documentation for details. You may need to reinstall the IIS connectors at this point, consult the hotfix release notes. 4.1.2 Setup Permissions on ColdFusion installation directory Grant the user you created for ColdFusion to run as (cfusion in our example) and the Administrators group full control over the ColdFusion installation directory. Enable auditing on this directory as well. In a maximum security environment you may consider a more detailed permission structure for the ColdFusion installation directory to prevent runtime changes to certain resources or configuration, this may however break features like security hotfix installation from ColdFusion administrator. 41