Adobe 38043740 Lockdown Guide - Page 79
Remove WSRP Servlet Mapping, 6.9 Disabling the CFFileServlet Mapping
UPC - 883919135168
View all Adobe 38043740 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 79 highlights
If you are not using the cfreport you can change the servlet mapping for *.cfr to point to the CFForbiddenServlet, this servlet will return 403 forbidden response if a cfr file is requested: CFCServlet *.cfr Change to: CFForbiddenServlet *.cfr Be sure to remove the .cfr mapping on the web server. 6.8 Remove WSRP Servlet Mapping The WSRP Servlets and Filters are used to support Web Services for Remote Portlets, a SOAP based API for serving portlets. If this feature is not used the web services Remove the WSRPFilter Servlet Mapping: WSRPProducer /WSRPProducer/* 6.9 Disabling the CFFileServlet Mapping The CFFileServlet is used to serve dynamically generated assets. It is used to support the following tags cfreport, cfpresentation, and cfimage (with action=captcha and action=writeToBrowser). If you are not using these features you may remove the servlet mapping: 79