User Guide Cancel

Server Auto-Lockdown

Last updated on

ColdFusion User Guide
Introduction to ColdFusion
Cloud Services in ColdFusion
Install ColdFusion
Use ColdFusion
Performance Monitoring Toolset
Adobe ColdFusion Builder extension for Visual Studio Code
Use ColdFusion Builder
Coldfusion API Manager
Configure and administer ColdFusion
CFML Reference
1. Introduction to CFML Reference
2. Reserved words and variables
3. ColdFusion tags
  1. ColdFusion tags
  2. Tags in ColdFusion 10
  3. Tag summary
  4. Tags by function
  5. Tag changes since ColdFusion 5
  6. Tags a-b
  7. Tags c
  8. Tags d-e
  9. Tags f
  10. Tags g-h
  11. Tags i
  12. Tags j-l
  13. Tags m-o
  14. Tags p-q
  15. Tags r-s
  16. Tags t
  17. Tags u-z
4. ColdFusion functions
5. Ajax JavaScript functions
6. ColdFusion ActionScript functions
7. ColdFusion mobile functions
8. Application.cfc reference
9. Script functions implemented as CFCs
10. ColdFusion Flash Form style reference
11. ColdFusion event gateway reference
12. ColdFusion C++ CFX Reference
13. ColdFusion Java CFX reference
14. WDDX JavaScript Objects
Develop ColdFusion applications
1. Introducing ColdFusion
2. Changes in ColdFusion
3. Introduction to application development
4. The CFML programming language
5. Building blocks of ColdFusion applications
6. Develop CFML applications
7. Develop mobile applications
8. Access and use data
9. ColdFusion ORM
10. ColdFusion and HTML5
11. Flex and AIR integration in ColdFusion
12. Request and present information
13. Office file interoperability
14. ColdFusion portlets
15. Work with documents, charts, and reports
16. Use web elements and external objects
17. Use external resources

Server Auto-Lockdown helps administrators secure their ColdFusion server installations. Using Server Auto-Lockdown, secure your servers against vulnerabilities.

Note:

To download the Server Auto-Lockdown installers, see Server Lockdown downloads.

At present the steps needed to lock down a ColdFusion server are manual. This document lists the steps to install Server Lockdown, which automates the steps needed for locking down a server.

When locking down a server manually, the steps involved are:

Install IIS
Configure IIS
Create user accounts
Set up webroot folder structure
Set up webroot permissions
Run ColdFusion installer
Install ColdFusion updates
Run webserver configuration tool (wsconfig.exe)
Setup file system permissions
Configure cf_scripts alias (linux)
Change registry permission (windows)
Specify logon user for ColdFusion services
Configure uniworkermap.properties (Windows)
Lockdown the /jakarta virtual directory (Windows)
Change ColdFusion Administrator settings

Instead, the Server Auto-Lockdown installer:

Performs all steps automatically
Provides settings summary
Rolls back to original configuration if the installer fails
Installs silently
Is available for all platforms (Windows and Linux)
Takes far lesser time compared to manually performing the steps

Before locking down a server, you must ensure the following, among others:

ColdFusion must be installed and running in Production or Production + Secure Profile.
A webserver must be installed and running.
ColdFusion Administrator must have been accessed after installation.

Additionally, we recommend the following pre-requisites:

Firewall is enabled.
ColdFusion, webserver , and the webroot are present in separate directories.
ColdFusion has the latest update installed.
Filesystem is NTFS.
In case of UNIX OS with web server as Apache, ensure that you have run Apache by using the control script (apachectl) and not the bin file (httpd).
Ensure that you must not enable Remote component of Administrator while installing ColdFusion.

Note:

On IIS Windows 2019, when the lockdown installer attempts to connect the web server, an exception may occurr due to missing MSVCR110.DLL

As a work-around, you may need to instal Might need to install Microsoft Visual C++ Redistributable 2011.

Windows - IIS

Follow the steps below to install Server Lockdown.

To launch the installer, double-click the setup file. To proceed, click Next and accept the license agreement.
Verify and review the installation pre-requisites.
When you run the installer, the installer asks you for the ColdFusion installation directory. Specify the location and click Next.
From the on-screen options, choose whether you wish to update ColdFusion to its latest version. Choose this option only if there is an internet connection so that you can download the latest update. If you do not have an active internet connection, specify the location of the update jar file.

It is recommended that ColdFusion is on the latest update before starting the Server Auto-Lockdown process.
From the drop-down list, choose the ColdFusion instance, which needs to be locked down. For each instance, run the server lockdown installer separately.

The instances that have already been locked down is displayed below the Available Instances drop-down list.
Choose the web server and click Next.
In case of IIS, choose the respective website(s) that needs to be configured to run as a connector with the given instance. This website(s) will be locked down along with the selected ColdFusion instance.

To select multiple websites, press shift/alt/ctrl, and click each website.

The website(s) with which the connector is already configured with the instance selected in Step 5 will be pre-selected.
Verify that the Application Pool details for the selected websites are correct.

The application pool user will be used to give appropriate permissions to your IIS webroot and connector folder in [CF_Home]\config\wsconfig\[connector number]. Make sure that the name is correct. If not, your ColdFusion applications will be inaccessible. Select a path to map to your application pool.

To proceed, click Next.
Verify that the web server webroot(s) for the selected websites are correct.

This folder must contain the webroot files, and these will be served using the connector port.
The inputs entered below will be used by the installer to make a few changes to the ColdFusion Administrator settings that are recommended in the Lockdown Guide.

The port here is the internal ColdFusion port, and not the connector port. For example, port 8500.

We will not be changing or storing the password. We are using this password as an input. Make sure that the port is open, and ColdFusion instance which is being locked down is being served using this port.
Provide the details for an OS administrator user account. This is required by the installer to make some changes in the file system. This user account must be the administrator account for the system where the installer is running. For example, in Windows, the account may be Administrator.

The domain, in this case, is either the domain in which the administrator account is present or the Machine Name if it is a local account.

We will not be changing or storing the password. This password is needed to roll back changes made to the registry and services in case of any error during installation.
If there is an existing user for running ColdFusion services, select Yes and enter the user details. If there is no existing user, select no and enter the user details with domain name as the machine name. These details will be used to create a user in the Local System which will be used for running ColdFusion services

While specifying the password, follow the password policy of your organization.
Enter the shutdown port. To proceed, click Next.

Note:

This should only be changed if the ColdFusion server being locked down is on an intranet, and someone else in the network might use the shutdown port. If the machine is an isolated one, there’s no need to change the shutdown port.
Review the pre-installation summary and click Install to start the Server Auto-Lockdown.

Note:

After lockdown, check the installation logs in <CF_HOME>/lockdown/<INSTANCE_TO_LOCKDOWN>/logs/ folder. The log file lists the actions and the status of each action.

Windows - Apache

The following installation screens are specific to Apache. The first few screens are common to both IIS and Apache.

In the step where the installer checks for webserver configurations, choose Apache. Click Install.
The inputs entered below will be used by the installer to make a few changes to the ColdFusion Administrator settings that are recommended in the Lockdown Guide.

The port here is the internal ColdFusion port, and not the connector port. For example, port 8500.

We will not be changing or storing the password. We are using this password as an input. Make sure that the port is open, and ColdFusion instance which is being locked down is being served using this port.
Provide the details for an OS administrator user account. This is required by the installer to make some changes in the file system. This user account must be the administrator account for the system where the installer is running. For example, in Windows, the account may be Administrator.

The domain, in this case, is either the domain in which the administrator account is present or the Machine Name if it is a local account.

We will not be changing or storing the password. This password is needed to roll back changes made to the registry and services in case of any error during installation.
If there is an existing user for running ColdFusion services, select Yes and enter the user details. If there is no existing user, select no and enter the user details with domain name as the machine name. These details will be used to create a user in the Local System which will be used for running ColdFusion services

While specifying the password, follow the password policy of your organization.
If there is an existing user for running web server, select Yes and enter the user details. If there is no existing user, select no and enter the user details with domain name as the machine name. These details will be used to create a user in the Local System which will be used for running Apache services.

It is recommended to have different users for running ColdFusion and Apache services.
Specify the path to the conf directory of Apache.
Specify the path of the binary file of Apache.
Specify the path to the webroot of Apache.
If you want to upload files to your website, select Yes and specify the folder where these files are to be uploaded.

By default, the option No is selected.
Enter an alias for /cf_scripts/scripts to block all calls to /cf_scripts/scripts.
Enter the shutdown port. To proceed, click Next.

Linux

To launch the Server Auto-Lockdown installer, double-click the setup file.
Verify and review the pre-requisites for installation.
When you run the installer, the installer asks you for the ColdFusion installation directory. Specify the location and click Next.
From the on-screen options, choose whether you wish to update ColdFusion to its latest version. Choose this option only if there is an internet connection so that you can download the latest update. If you do not have an active internet connection, specify the location of the update jar file.

It is recommended that ColdFusion is on the latest update before starting the Server Auto-Lockdown process.
From the drop-down list, choose the ColdFusion instance, which needs to be locked down. For each instance, run the server lockdown installer separately.

The instances that have already been locked down is displayed below the Available Instances drop-down list.
Choose the web server, which in this case is Apache.
The inputs entered below will be used by the installer to make a few changes to the ColdFusion Administrator settings that are recommended in the Lockdown Guide.

The port here is the internal ColdFusion port, and not the connector port. For example, port 8500.

We will not be changing or storing the password. We are using this password as an input. Make sure that the port is open, and ColdFusion instance which is being locked down is being served using this port.
Provide the details for an OS administrator user account. This is required by the installer to make some changes in the file system. This user account must be the administrator account for the system where the installer is running. For example, in Windows, the account may be Administrator.

The domain, in this case, is either the domain in which the administrator account is present or the Machine Name if it is a local account.

We will not be changing or storing the password. This password is needed to roll back changes made to the registry and services in case of any error during installation.

The password is optional in Linux.
If there is an existing user for running ColdFusion services, select Yes and enter the user details. If there is no existing user, select no and enter the user details with domain name as the machine name. These details will be used to create a user in the Local System which will be used for running ColdFusion services

While specifying the password, follow the password policy of your organization.

The password is optional in Linux.
If there is an existing user for running web server, select Yes and enter the user details. If there is no existing user, select no and enter the user details with domain name as the machine name. These details will be used to create a user in the Local System which will be used for running ColdFusion services

While specifying the password, follow the password policy of your organization.

The password is optional in Linux.
Specify the path to the conf directory of Apache.
Specify the path of the binary file of Apache.
Specify the path to the Apache webroot.
If you want to upload files to your website, select Yes and specify the folder where these files are to be uploaded.
To restrict calls to /cf_scripts/scripts, enter an alias for the location.
Enter the shutdown port. To proceed, click Next.

Mac OS

To launch the Server Auto-Lockdown installer, double-click the setup file.
Verify and review the pre-requisites for installation.
When you run the installer, the installer asks you for the ColdFusion installation directory. Specify the location and click Next.
From the on-screen options, choose whether you wish to update ColdFusion to its latest version. Choose this option only if there is an internet connection so that you can download the latest update. If you do not have an active internet connection, specify the location of the update jar file.

It is recommended that ColdFusion is on the latest update before starting the Server Auto-Lockdown process.
From the drop-down list, choose the ColdFusion instance, which needs to be locked down. For each instance, run the server lockdown installer separately.

The instances that have already been locked down is displayed below the Available Instances drop-down list.
Choose the web server, which in this case is Apache.
The inputs entered below will be used by the installer to make a few changes to the ColdFusion Administrator settings that are recommended in the Lockdown Guide.

The port here is the internal ColdFusion port, and not the connector port. For example, port 8500.

We will not be changing or storing the password. We are using this password as an input. Make sure that the port is open, and ColdFusion instance which is being locked down is being served using this port.
Provide the details for an OS administrator user account. This is required by the installer to make some changes in the file system. This user account must be the administrator account for the system where the installer is running. For example, in Windows, the account may be Administrator.

The domain, in this case, is either the domain in which the administrator account is present or the Machine Name if it is a local account.

We will not be changing or storing the password. This password is needed to roll back changes made to the registry and services in case of any error during installation.
If there is an existing user for running ColdFusion services, select Yes and enter the user details. If there is no existing user, select no and enter the user details with domain name as the machine name. These details will be used to create a user in the Local System which will be used for running ColdFusion services

While specifying the password, follow the password policy of your organization.
If there is an existing user for running web server, select Yes and enter the user details. If there is no existing user, select no and enter the user details with domain name as the machine name. These details will be used to create a user in the Local System which will be used for running ColdFusion services

While specifying the password, follow the password policy of your organization.
Specify the path to the conf directory of Apache.
Specify the path of the binary file of Apache.
Specify the path to the Apache webroot.
If you want to upload files to your website, select Yes and specify the folder where these files are to be uploaded.
To restrict calls to /cf_scripts/scripts, enter an alias for the location.
Enter the shutdown port. To proceed, click Next.
Review the pre-installation summary and click Install.

Solaris

To launch the Server Auto-Lockdown installer, enter the file name in the command line.
Accept the license agreement.
Verify and review the pre-requisites for installation.
When you run the installer, the installer asks you for the ColdFusion installation directory. Specify the location and press Enter.
From the options (1-Yes or 2-No), choose whether you wish to update ColdFusion to its latest version. Choose this option only if there is an internet connection so that you can download the latest update. If you do not have an active internet connection, specify the location of the update jar file.

It is recommended that ColdFusion is on the latest update before starting the Server Auto-Lockdown process.
Enter the ColdFusion instance, which needs to be locked down. For each instance, run the server lockdown installer separately.
Enter the web server, which in this case is Apache.
The inputs entered below will be used by the installer to make a few changes to the ColdFusion Administrator settings that are recommended in the Lockdown Guide.

The port here is the internal ColdFusion port, and not the connector port. For example, port 8500.

We will not be changing or storing the password. We are using this password as an input. Make sure that the port is open, and ColdFusion instance which is being locked down is being served using this port.
Provide the details for an OS administrator user account. This is required by the installer to make some changes in the file system. This user account must be the administrator account for the system where the installer is running.

The domain, in this case, is either the domain in which the administrator account is present or the Machine Name if it is a local account.

We will not be changing or storing the password. This password is needed to roll back changes made to the registry and services in case of any error during installation.
If there is an existing user for running ColdFusion services, enter the user details with domain name as the machine name. These details will be used to create a user in the Local System which will be used for running ColdFusion services

While specifying the password, follow the password policy of your organization.
If there is an existing user for running web server, enter the user details with domain name as the machine name. These details will be used to create a user in the Local System which will be used for running ColdFusion services

While specifying the password, follow the password policy of your organization.
Enter the path to the conf directory of Apache.
Enter the path of the binary file of Apache.
Enter the path of the Apache webroot.
If you want to upload files to your website, choose (1-Yes or 2-No) and enter the folder where these files are to be uploaded.
To restrict calls to /cf_scripts/scripts, enter an alias for the location.
For entering the Shutdown port,choose (1-Yes or 2-No) or press Enter.
Review the pre-installation summary and press Enter to start the installation.

Silent installation of Server Auto-Lockdown

Linux - Apache

# Silent Properties file for Adobe ColdFusion Server Auto-Lockdown Installer
# Web Server : Apache
# Platform : Linux

INSTALLER_UI=SILENT

#Enter the directory where ColdFusion is installed. Ex: /opt/coldfusion2021.
SILENT_CF_SERVER_LOCATION=

#The Web Server Apache is selected for configuring the connector in ColdFusion.
#Apache will also be locked down along with ColdFusion.
SERVER_APACHE=1
SERVER_IIS=0

#ColdFusion Server instance intended for Lockdown Ex:cfusion
APP_SERVER_INSTANCE=

#Update ColdFusion to the latest update. Allowed : 1, if you want to update ColdFusion, 0 if not.
UPDATE_CF_TRUE=1

#Allowed : 1 for Automatic Update, 0 for Manually updating ColdFusion
AUTO_UPDATE_CF_TRUE=1

#If auto-update is false, provide the path where hotfix.jar is present. Give full path.
HF_UPDATE_JAR_PATH=

#Apache Windows

#ColdFusion Configuration
#Enter the ColdFusion Administrator credentials and the built-in Web Server port.
CF_ADMIN_USERNAME=
CF_ADMIN_PASSWORD=
CF_ADMIN_PORT=

#OS Administrator Account Details.
#Enter the user account details of the OS administrator.
SYSTEM_ADMIN_USER=
SYSTEM_ADMIN_PWD=
SYSTEM_ADMIN_DOMAIN=

# Allowed :1 if you have a user already created for running CF Services, 0 otherwise.
USER_CF_SERVICE_TRUE=

# Details for User for configuring ColdFusion services and file system permissions. If not existing, a user will be created
CF_USER_UNAME=
CF_USER_PWD=
CF_USER_GRP=

# Enter the user account to run Web Server with, post lockdown.
#The user account will be granted file system permissions to the ColdFusion connector directories and the Web Server webroot(s)/document root.
# 1 if you have a user created for running Apache Services, 0 otherwise.
APACHE_DEFAULT_USER_TRUE=
APACHE_DEFAULT_USERNAME=apache
APACHE_DEFAULT_GROUP=
APACHE_DEFAULT_PASSWORD=

#Enter the conf directory path of the Web Server.
#This folder must contain the httpd.conf or apache2.conf file.Ex: /etc/apache2.
WEBSERVER_CONF_DIR=

#Enter the binary file path of the Web Server. Ex: /usr/sbin/apache2
APACHE_BIN_FILE_PATH=

#Enter the webroot path of the Web Server.
#The required file system permissions will be granted to this folder.Ex; /var/www/html
WEBROOT_PATH=

#If you want to upload files to your website, specify the path of the folder where these files are to be placed.
#This folder will also be granted write permissions.
#Allowed: 1 if you want files to be uploaded through your website, 0 otherwise
USER_FILE_UPLOAD_TRUE=
USER_FILE_UPLOAD_PATH=

#Enter an alias for /cf_scripts/scripts to block all calls to /cf_scripts/scripts.
CF_SCRIPTS_ALIAS=

#Allowed: 1 if you want to change the shutdown port, 0 otherwise
CHANGE_SHUTDOWN_PORT_TRUE=1

# New shutdown port number
SHUTDOWN_PORT_NEW=

Windows - Apache

# Silent Properties file for Adobe ColdFusion Server Auto-Lockdown Installer
# Web Server : Apache
# Platform : Windows(All)

INSTALLER_UI=SILENT

#Enter the directory where ColdFusion is installed. Ex: C:\\ColdFusion2021.
SILENT_CF_SERVER_LOCATION=C:\\ColdFusion2021

#The Web Server Apache is selected for configuring the connector in ColdFusion.
#Apache will also be locked down along with ColdFusion.
SERVER_APACHE=1
SERVER_IIS=0

#ColdFusion Server instance intended for Lockdown Ex:cfusion
APP_SERVER_INSTANCE=

#Update ColdFusion to the latest update. Allowed : 1, if you want to update ColdFusion, 0 if not.
UPDATE_CF_TRUE=1

#Allowed : 1 for Automatic Update, 0 for Manually updating ColdFusion
AUTO_UPDATE_CF_TRUE=1

#If auto-update is false, provide the path where hotfix.jar is present. Give full path.
HF_UPDATE_JAR_PATH=

#Apache Windows

#ColdFusion Configuration
#Enter the ColdFusion Administrator credentials and the built-in Web Server port.
CF_ADMIN_USERNAME=
CF_ADMIN_PASSWORD=
CF_ADMIN_PORT=

#OS Administrator Account Details.
#Enter the user account details of the OS administrator.
SYSTEM_ADMIN_USER=
SYSTEM_ADMIN_PWD=
SYSTEM_ADMIN_DOMAIN=

# Allowed :1 if you have a user already created for running CF Services, 0 otherwise.
USER_CF_SERVICE_TRUE=

# Details for User for configuring ColdFusion services and file system permissions. If not existing, a user will be created
CF_USER_UNAME=
CF_USER_PWD=
CF_USER_GRP=

#Enter the conf directory path of the Web Server.
#This folder must contain the httpd.conf or apache2.conf file.Ex: C:\Apache24\conf.
WEBSERVER_CONF_DIR=

#Enter the binary file path of the Web Server. Ex: C:\Apache24\bin\httpd.exe
APACHE_BIN_FILE_PATH=

#Enter the webroot path of the Web Server.
#The required file system permissions will be granted to this folder.Ex C:\Apache24\htdocs
WEBROOT_PATH=

#Enter an alias for /cf_scripts/scripts to block all calls to /cf_scripts/scripts.
CF_SCRIPTS_ALIAS=

#Allowed: 1 if you want to change the shutdown port, 0 otherwise
CHANGE_SHUTDOWN_PORT_TRUE=1

# New shutdown port number
SHUTDOWN_PORT_NEW=

Windows - IIS

# Silent Properties file for Adobe ColdFusion Server Auto-Lockdown Installer 
# Web Server : IIS 
# Platform : Windows(All) 
 
INSTALLER_UI=SILENT 
 
#Enter the directory where ColdFusion is installed. Ex: C:\ColdFusion2021. 
SILENT_CF_SERVER_LOCATION= 
 
#The Web Server IIS is selected for configuring the connector in ColdFusion. 
#The IIS website(s) will also be locked down along with ColdFusion. 
SERVER_IIS=1 
SERVER_APACHE=0 
 
#ColdFusion Server instance intended for Lockdown Ex:cfusion 
APP_SERVER_INSTANCE= 
 
#Enter the IIS Website(s) you are planning to Lockdown(comma separated). Ex: site1,site2 
SILENT_WEBSITES_TO_LOCKDOWN= 
 
#Application Pool(s) for chosen website(s) (comma separated). Ex: site1AppPool,site2AppPool 
SILENT_APP_POOL_IIS_WEBSITES= 
 
#Webroot(s) folder for chosen website in IIS (comma separated) Ex: C:\inetpub\site1,C:\inetpub\site2 
SILENT_WEBROOT_IIS_WEBSITES= 
 
#Update ColdFusion to the latest update. Allowed : 1, if you want to update ColdFusion, 0 if not. 
UPDATE_CF_TRUE=1 
 
#Allowed : 1 for Automatic Update, 0 for Manually updating ColdFusion 
AUTO_UPDATE_CF_TRUE=1 
 
#If auto-update is false, provide the path where hotfix.jar is present. Give full path. 
HF_UPDATE_JAR_PATH= 
 
#ColdFusion Configuration 
#Enter the ColdFusion Administrator credentials and the built-in Web Server port. 
CF_ADMIN_USERNAME= 
CF_ADMIN_PASSWORD= 
CF_ADMIN_PORT= 
 
#OS Administrator Account Details. 
#Enter the user account details of the OS administrator.  
SYSTEM_ADMIN_USER= 
SYSTEM_ADMIN_PWD= 
SYSTEM_ADMIN_DOMAIN= 
 
# Allowed :1 if you have a user already created for running CF Services, 0 otherwise. 
USER_CF_SERVICE_TRUE=1 
 
#Enter the user account to run ColdFusion with, post lockdown.  
#The user account will be granted file system permissions to ColdFusion and the Web Server webroot(s)/document root. 
CF_USER_UNAME= 
CF_USER_DOMAIN= 
CF_USER_PWD= 
 
# Allowed :1 if you want to change the shutdown port, 0 otherwise 
CHANGE_SHUTDOWN_PORT_TRUE=1 
 
# New shutdown port number 
SHUTDOWN_PORT_NEW=

Windows - IIS - Uninstall properties

# Silent Properties file for Adobe ColdFusion Server Auto-Lockdown Installer 
# Web Server : IIS 
# Platform : Windows(All) 
 
INSTALLER_UI=SILENT 
 
# Enter the details for the user account that was used to configure ColdFusion during lockdown.  
# In case the user was created during the server lockdown, the user account will be deleted. 
CF_USER_UNAME_OLD= 
CF_USER_PWD_OLD= 
CF_USER_DOMAIN_OLD= 
 
# Enter the user account to run ColdFusion with post uninstallation of lockdown.  
# The given user must already exist in the system. 
CF_USER_UNAME= 
CF_USER_PWD= 
CF_USER_DOMAIN= 
 
# Enter the username, password and internal webserver port for the ColdFusion Administrator.  
# Any changes made to ColdFusion during lockdown will be reverted using these credentials. 
CF_ADMIN_USERNAME= 
CF_ADMIN_PASSWORD= 
CF_ADMIN_PORT=

Apache - Uninstall properties

# Silent Properties file for Adobe ColdFusion Server Auto-Lockdown Installer
# Web Server : Apache
# Platform : Windows, Solaris, Linux

INSTALLER_UI=SILENT

# Enter the details for the user account that was used to configure ColdFusion during auto-lockdown. 
# In case the user was created during the server auto-lockdown, the user account will be deleted.
CF_USER_UNAME_OLD=
CF_USER_PWD_OLD=
CF_USER_DOMAIN_OLD=

# Enter the OS user account to run ColdFusion with post uninstallation of auto-lockdown. 
# The given user must already exist in the system.
CF_USER_UNAME=
CF_USER_PWD=
CF_USER_DOMAIN=

# Enter the username, password, and internal webserver port for the ColdFusion Administrator. 
# Any changes made to ColdFusion during lockdown will be reverted using these credentials.
CF_ADMIN_USERNAME=
CF_ADMIN_PASSWORD=
CF_ADMIN_PORT=

Solaris- Silent installer properties

# Silent Properties file for Adobe ColdFusion Server Lockdown Guide Installer 
# Web Server : Apache 
# Platform : Solaris 
 
INSTALLER_UI=SILENT 
 
#ColdFusion Installation Location 
SILENT_CF_SERVER_LOCATION=/opt/coldfusion2021 
 
#Choosing Web Server 
SERVER_APACHE=1 
SERVER_IIS=0 
 
#ColdFusion Server instance intended for Lockdown 
APP_SERVER_INSTANCE=cfusion 
 
#Update ColdFusion to the latest update. Allowed : 1, if you want to update ColdFusion, 0 if not. 
UPDATE_CF_TRUE=1 
 
#Allowed : 1 for Automatic Update, 0 for Manually updating ColdFusion 
AUTO_UPDATE_CF_TRUE=1 
 
#If auto-update is false, provide the path where hotfix.jar is present. Give full path. 
HF_UPDATE_JAR_PATH= 
 
#Apache Solaris 
 
#ColdFusion Administrator details 
CF_ADMIN_USERNAME= 
CF_ADMIN_PASSWORD= 
CF_ADMIN_PORT= 
 
#System Admin 
SYSTEM_ADMIN_USER= 
SYSTEM_ADMIN_PWD= 
SYSTEM_ADMIN_DOMAIN= 
 
# 1 if you have a user created for running CF Services, 0 otherwise. 
USER_CF_SERVICE_TRUE= 
 
# Details for User for configuring ColdFusion services and file system permissions. If not existing, a user will be created 
CF_USER_UNAME= 
CF_USER_PWD= 
CF_USER_GRP= 
 
# Details for apache user 
# 1 if you have a user created for running Apache Services, 0 otherwise. 
APACHE_DEFAULT_USER_TRUE= 
APACHE_DEFAULT_USERNAME=apache 
APACHE_DEFAULT_GROUP= 
APACHE_DEFAULT_PASSWORD= 
 
#Apache Webroot folder path. If does not exist, one will be created. 
WEBROOT_PATH= 
 
#conf directory path for Webserver 
WEBSERVER_CONF_DIR= 
 
#Path of apache bin file 
APACHE_BIN_FILE_PATH= 
 
# 1 if you want files to be uploaded through your website, 0 otherwise 
USER_FILE_UPLOAD_TRUE= 
 
# Folder where the file upload should be allowed (inside webroot) 
USER_FILE_UPLOAD_PATH= 
 
# alias for cf_scripts 
CF_SCRIPTS_ALIAS= 
 
# 1 if you want to change the shutdown port, 0 otherwise 
CHANGE_SHUTDOWN_PORT_TRUE=1 
 
# New shutdown port number 
SHUTDOWN_PORT_NEW=

Solaris- Silent uninstaller properties

# Silent Properties file for Adobe ColdFusion Server Automated Lockdown Guide Uninstaller 
# Web Server : Apache 
# Platform : Solaris 
 
INSTALLER_UI=SILENT 
 
# New user details.  Post uninstallation, ColdFusion will run using this user. 
CF_USER_UNAME= 
CF_USER_PWD= 
# Group 
CF_USER_DOMAIN= 
 
# Old user details. This user will be deleted during uninstallation. 
CF_USER_UNAME_OLD= 
CF_USER_PWD_OLD= 
CF_USER_DOMAIN_OLD= 
 
# ColdFusion Administrator Details 
CF_ADMIN_USERNAME= 
CF_ADMIN_PASSWORD= 
CF_ADMIN_PORT=

Server Auto-Lockdown

Windows - IIS

Windows - Apache

Linux

Mac OS

Solaris

Silent installation of Server Auto-Lockdown

Linux - Apache

Windows - Apache

Windows - IIS

Windows - IIS - Uninstall properties

Apache - Uninstall properties

Solaris- Silent installer properties

Solaris- Silent uninstaller properties

Ask the Community

Contact Us