ColdFusion 11 mitigation steps

If you are using ColdFusion 11, we recommend following these mitigation steps:

  1. If you are using a web server, follow the instructions in the "Add a connector shared secret" section of the lockdown guide.
  2. Set the address attribute on the AJP connector to localhost/127.0.0.1/::1 if the web server and ColdFusion co-exist on the same server.
  3. If they reside on different machines, configure each ColdFusion instance with the Tomcat IP address so that the ColdFusion Tomcat can be accessed over the remote connector:

     <Connector port="8018" protocol="AJP/1.3" packetSize="65535" redirectPort="8451" tomcatAuthentication="false" maxThreads="500" connectionTimeout="60000" address="YOUR_TOMCAT_IP_ADDRESS"/>

  4. Change your firewall configuration so that only trusted hosts, such as the web server, are allowed to access the AJP connector.
  5. If you are using the ColdFusion 11 built-in web server, comment out or remove the AJP connector from server.xml and restart the ColdFusion server.
