displaying top 100 results
Tracker Issue Lockdown Installer should find port from server.xml
Lockdown Installer should find port from server.xml
Tracker Issue Lockdown Installer Download is not HTTPS
Lockdown Installer Download is not HTTPS
NumberFormatException when running Linux Lockdown Installer
Tracker Issue Lockdown Installer does not report fatal errors as fatal
Lockdown Installer does not report fatal errors as fatal
Linux Lockdown Installer should not require OS account passwords
Lockdown Installer Should default Domain to Computer Name
Lockdown Installer does not use inheritance for file permissions
Tracker Issue Rollback of Lockdown Installer caused 500 server error
Rollback of Lockdown Installer caused 500 server error
Tracker Issue Lockdown Installer Rolls back if Apache is Stopped
Lockdown Installer Rolls back if Apache is Stopped
Comment on Lockdown Installer Rolls back if Apache is Stopped by Kailash B.
Comment on Lockdown Installer should find port from server.xml by Kailash B.
Tracker Comment Comment on Lockdown Installer does not use inheritance for file permissions by Aaron N.
Comment on Lockdown Installer does not use inheritance for file permissions by Aaron N.
Comment on Lockdown Installer Rolls back if Apache is Stopped by Manas M.
Tracker Comment Comment on Lockdown Installer does not use inheritance for file permissions by Kailash B.
Comment on Lockdown Installer does not use inheritance for file permissions by Kailash B.
Tracker Comment Comment on Lockdown Installer Failed to Restart Apache on RHEL 7.5 on SELinux by Peter F.
Comment on Lockdown Installer Failed to Restart Apache on RHEL 7.5 on SELinux by Peter F.
Comment on Lockdown Installer Rolls back if Apache is Stopped by Peter F.
Comment on Lockdown Installer Rolls back if Apache is Stopped by Manas M.
Tracker Comment Comment on Lockdown Installer Failed to Restart Apache on RHEL 7.5 on SELinux by Peter F.
Comment on Lockdown Installer Failed to Restart Apache on RHEL 7.5 on SELinux by Peter F.
Tracker Comment Comment on Lockdown Installer does not use inheritance for file permissions by Peter F.
Comment on Lockdown Installer does not use inheritance for file permissions by Peter F.
Tracker Comment Comment on Lockdown Installer does not use inheritance for file permissions by Kailash B.
Comment on Lockdown Installer does not use inheritance for file permissions by Kailash B.
Tracker Comment Comment on Lockdown Installer Failed to Restart Apache on RHEL 7.5 on SELinux by Kailash B.
Comment on Lockdown Installer Failed to Restart Apache on RHEL 7.5 on SELinux by Kailash B.
Lockdown Installer Failed to Restart Apache on RHEL 7.5 on SELinux
Tracker Issue Typo in Lockdown Installer: intall
Typo in Lockdown Installer: intall
Tracker Issue Installer rolls back if wsconfig is left open
4476634 CF-4202932 Security : LockdownGuide Installer rolls back if wsconfig is left open Problem Description: If you accidentally leave wsconfig running while running the lockdown installer it fails half way through and has to roll back its changes. Ideally it could be checked at installer
Tracker Issue Installer Errored
4214896 CF-4202005 Installation/Config : Lockdown Installer Installer Errored Problem Description: I got an error running the lockdown installer - see attached log file.
Steps to Reproduce:
Started with a fresh Windows 2016 server on EC2. Installed IIS. Deleted the Default Web Site, created two
Tracker Issue [ANeff] Bug for: Auto-Lockdown installer missing
[ANeff] Bug for: Auto-Lockdown installer missing
Lockdown Installer: The BACKUP object with identifier LockDownBackup already exists.
Tracker Issue Lockdown installer 1 NonFatalErrors on Win 2016
Lockdown installer 1 NonFatalErrors on Win 2016
Portal Comment Comment on Server Auto-Lockdown by Carl Meyer
Carl Meyer Hello, Where do I download CF2018 Server Auto-Lockdown installer to be able to run that?
Thanks in advance, Carl.
Portal Topic Coldfusion 2018 Auto Lockdown tool
nickj24525839 Coldfusion 2018 Auto Lockdown tool How long should it take to install the lockdown tool? I have 4 websites in IIS and it has been stuck at 100% for an hour. Installing… Change permissions of IIS website: The log stopped populating and the cpu under task manger is at zero.
The post
Comment on [ANeff] Bug for: Auto-Lockdown installer missing by Immanuel N.
Portal Comment Comment on Apply the Server Auto-Lockdown to a site without re-installing the Lockdown tool by SauravGhosh
Comment on Apply the Server Auto-Lockdown to a site without re-installing the Lockdown tool by SauravGhosh
Apply the Server Auto-Lockdown to a site without re-installing the Lockdown tool
4214883 CF-4202002 Peter F. FYI The passwords were also written to C:\ColdFusion2018\lockdown\cfusion\Logs\Adobe_ColdFusion_2018_Automated_Lockdown_Installer_Install_04_17_2018_20_23_37.log
Tracker Issue Linux Installer points to cf11 lockdown guide
Linux Installer points to cf11 lockdown guide
Tracker Issue Passwords are written to lockdown_logs.txt
4214883 CF-4202002 Installation/Config : Lockdown Installer Passwords are written to lockdown_logs.txt Problem Description: When asked for the OS Administrator password it says "The password is not stored" but it ended up in the lockdown_logs.txt file.
It also writes the CF Admin passwords
Portal Topic ColdFusion 2018 Lockdown Guide
Peter Freitag ColdFusion 2018 Lockdown Guide Looking for the ColdFusion 2018 Lockdown guide?
The post ColdFusion 2018 Lockdown Guide appeared first on ColdFusion. Blog,CF2018 Updates,ColdFusion 2018,2018,blog,cf2018 updates,coldfusion 2018,installation,security
Tracker Issue [Lockdown] CF Scripts URI Should be Random
4480653 CF-4202953 Security : LockdownGuide [Lockdown] CF Scripts URI Should be Random Problem Description: The lockdown installer remaps the /cf_scripts URI to /cfscripts_2018 - there is no benefit in changing it from one known default to another known default - if it is going to change it
Tracker Comment Comment on Lockdown Installer: The BACKUP object with identifier LockDownBackup already exists. by Kailash B.
Comment on Lockdown Installer: The BACKUP object with identifier LockDownBackup already exists. by Kailash B.
Tracker Issue [ANeff] Bug for: CF2018 Lockdown Guide URLs
4214811 CF-4201999 Installation/Config : Installer [ANeff] Bug for: CF2018 Lockdown Guide URLs Issue: CF2018 Installer's "Select ColdFusion Server Profile" screen mentions these outdated URLs:
1) http://www.adobe.com/go/cf2016_secureprofile
2) http://www.adobe.com/go/cf2016-lockdown
Tracker Issue [ANeff] Bug for: CF2018 Lockdown Guide URLs
4213060 CF-4201996 Installation/Config : Installer [ANeff] Bug for: CF2018 Lockdown Guide URLs Issue: CF2018 Installer's "Select ColdFusion Server Profile" screen mentions these outdated URLs:
1) http://www.adobe.com/go/cf2016_secureprofile
2) http://www.adobe.com/go/cf2016-lockdown
Tracker Issue [ANeff] Bug for: CF2018 Lockdown Guide URLs
4213745 CF-4201995 Installation/Config : Installer [ANeff] Bug for: CF2018 Lockdown Guide URLs Issue: CF2018 Installer's "Select ColdFusion Server Profile" screen mentions these outdated URLs:
1) http://www.adobe.com/go/cf2016_secureprofile
2) http://www.adobe.com/go/cf2016-lockdown
Comment on Link to lockdown guide in installer returns a 404 by Piyush K.
Tracker Comment Comment on Installer Errored by Kailash B.
Comment on Installer Errored by Kailash B.
Tracker Issue CF2018 Auto lockdown not able to complete, if Add-on, ODBC and .NET service services are not installed in Windows environment.
CF2018 Auto lockdown not able to complete, if Add-on, ODBC and .NET service services are not installed in Windows environment.
Comment on Linux Installer points to cf11 lockdown guide by CFwatson U.
6328500 CF-4205409 Installation/Config : Lockdown Installer Lockdown tool prevents selecting instance to lockdown when locked down instances > 10 Problem Description:
Can't select new instance to lockdown in lockdown tool when there are 10+ instances already locked down - Looks like the lockdown
Vamseekrishna Nanneboina Regarding #2, the primary reason for refreshing the installers was to bundle Java 11, so the scope was kind of limited to Java 11 and Update 2 bug fixes. We've also added support for the Lockdown installer for Mac OS X. We will see if anything can be done to fix #1 outside
Miguel Fernandez SauravGhosh – when you guys add security features like this in an update are you also updating the Server Auto-Lockdown installer to include them? (I realize this only applies to ColdFusion 2018)
Tracker Issue Silent installer - breaks ALL IIS connection pools - check params before doing anything
6750169 CF-4206954 Installation/Config : Lockdown Installer Silent installer - breaks ALL IIS connection pools - check params before doing anything I had run the lockdown tool in silent mode but a typo in the properties file for the “SILENT_WEBSITES_TO_LOCKDOWN” attribute (web site didn
Tracker Issue Link to lockdown guide in installer returns a 404
Link to lockdown guide in installer returns a 404
Portal Topic Server Auto-Lockdown
Server Auto-Lockdown
Comment on Link to lockdown guide in installer returns a 404 by Piyush K.
Aaron Neff Hi All,
These CF2018 Public Beta installers have been re-refreshed about 14 hours ago:
- ColdFusion Windows installer
- Performance Monitoring Toolset Windows installer
- Automated Lockdown Windows installer
CF build# changed from 2018.0.0.310409 to 2018.0.0.310608.
The refreshed PMT
the following: Auto-discovery of nodes in Performance Monitoring Toolset Updated text in Server Lockdown installer screens More than 120 bug fixes For more information, see the blog, Adobe ColdFusion (2018 Release) Public Beta.
The post ColdFusion (2018 release) Public Beta Refreshed Installers appeared first
Portal Comment Comment on Server Auto-Lockdown by philg15796544
philg15796544 Hi Miguel,
I am experiencing the same issue. The lockdown is bailing out after it finds that I did not install the optional services. My log is identical to yours. Very frustrating!
Portal Comment Comment on Apply the Server Auto-Lockdown to a site without re-installing the Lockdown tool by Charlie Arehart
Comment on Apply the Server Auto-Lockdown to a site without re-installing the Lockdown tool by Charlie Arehart
4467319 CF-4202894 Aaron N. Hi Hari,
Thanks very much, but what sense does it make to require manual wsconfig or Auto-Lockdown when installing CF as developer edition? That's a turn off. Making a simple thing complicated. Do you see what I mean?
Installing Developer edition and configuring a site
Comment on [ANeff] Bug for: CF2018 Lockdown Guide URLs by Aaron N.
DougCain Hi Saurav, also noticed a couple of notes on the bulletin:
"Customers who have followed the lockdown procedures during installation are not impacted by this issue. "
Is this referring to manual and/or auto lock down?
If so the the issue only affects windows users that have not run
Tracker Issue In the lockdown guide environment, after uninstalling the CF11 HF7 a manual restart of server is required.
2608467 CF-4088018 Hot Fix Installer : Installer ext-user In the lockdown guide environment, after uninstalling the CF11 HF7 a manual restart of server is required. Problem:
In the lockdown guide environment, after uninstalling the CF11 HF7 a manual restart of server is required
Portal Topic ColdFusion 2018 Add-on installers
RAHUL UPADHYAY ColdFusion 2018 Add-on installers ColdFusion 2018 Add-on installers are available on https://www.adobe.com/support/coldfusion/downloads.html It includes installers for: COLDFUSION (2018 RELEASE) PERFORMANCE MONITORING TOOLSET COLDFUSION (2018 RELEASE) SERVER AUTO-LOCKDOWN COLDFUSION
scalable, high-performing web applications in CFML. Now in ColdFusion, we’ve added an all-new Performance Monitoring Toolset, a standalone server with low overhead to control and optimize applications and a new auto lockdown installer to help increase security in the Production Server. In addition, web
Comment on Linux Installer points to cf11 lockdown guide by CFwatson U.
Portal Comment Comment on Server Auto-Lockdown by Charlie Arehart
Charlie Arehart
Folks finding this post in mid-2019 and beyond should note that in the technotes for CF2018 update 4 (from June 2019) there is indication that the Lockdown tool installer was “refreshed” (a new one was made available). See
Portal Comment Comment on Running the CF 2018 PMT? Have you manually applied the recent update to it? by Dan OKeefe
Dan OKeefe Giancarlo Gomez Hi JC.
Charlie, I searching to see if there are any know issues with Windows 2016 and came across your post here. On a fresh AWS ec2 instance, Windows 2016, CF 2018 Update 3 applied, CF 2018 Lockdown
Tracker Comment Comment on Isolate the /CFIDE/scripts directory from the rest of /CFIDE by External U.
2610074 CF-3732913 External U. This has been requested for many years and Adobe's continued response is "there isn't enough time". Well, when will there be time? How many times does this security flaw have to bite Adobe before they find the time? One of the first things I do when when installing a
4467319 CF-4202894 Aaron N. Wish I could edit. Please ignore the "Maybe in next updater?" as that doesn't even make sense.
Issue should be fixed in next refresh of the installers. The Developer Edition installer flow should not have been changed in CF2018. One doesn't typically lockdown one's Dev
Tracker Issue Default user in Windows
2612295 CF-3529336 Installation/Config David Epler Default user in Windows The installer for Windows should allow for specifying the user that ColdFusion should run as and not rely on the administrator to come back and change it by following the lockdown guide. The Linux and Solaris installers have
Tracker Issue "Download and Install" fails when installing on Update 1
quick hit on the update log revealed permission issues.
Steps to Reproduce:
Install CF2016 and follow the Lockdown guide completely (especially the part about the CFUser)
Actual Result:
The hotfix wasn't applied. Looks like it can't access/delete certain files.
Expected Result:
Hotfix
Tracker Comment Comment on Coldfusion 11 Update 2 impossible due to error in Coldfusion Administrator by External U.
2609506 CF-3840648 External U. I am getting the exact same error. I have CF11 installed with no updates applied so far. I am also using the-built in web server and have not applied any lockdown steps or enabled secure mode.
Comment on "Download and Install" fails when installing on Update 1 by External U.
Portal Topic How to install ColdFusion updates manually
RAHUL UPADHYAY How to install ColdFusion updates manually Sometimes, CF administrator UI update installation could fail due to permissions, lockdown guide, network restrictions etc. You can follow below instructions to apply updates manually. Navigate to https
Portal Comment Comment on ColdFusion (2018 release) Update 5 and ColdFusion (2016 release) Update 12 released by Rebecca P
the recommended configuration in the Lockdown Guide for 2016 (although it is still covered there as an option). I got started with CF9 when it was recommended by the Lockdown Guide for Windows installations, and still prefer to use IIS as we can leverage Windows authentication to control access to the CF Admin
Portal Comment Comment on Server Auto-Lockdown by nickj24525839
Comment on Server Auto-Lockdown by nickj24525839
Comment on [Lockdown] CF Scripts URI Should be Random by Miguel F.
Tracker Comment Comment on Block Download and Install / Install Buttons in Server Update Page on Windows by External U.
Comment on Block Download and Install / Install Buttons in Server Update Page on Windows by External U.
Portal Comment Comment on ColdFusion (2018 release) Update 2, ColdFusion (2016 release) Update 8, and ColdFusion 11 Update 16 released by Legorol San
="nofollow">https://www.adobe.com/support/coldfusion/downloads.html
As far as I can tell, the following installers were refreshed:
Add-on Services Installers for ColdFusion (2018 release)
ColdFusion (2018 release) .NET Integration Service Installer
ColdFusion (2018 release) Performance Monitoring Toolset
ColdFusion (2018 release) Server Auto-Lockdown
Portal Comment Comment on Server Auto-Lockdown by Miguel Fernandez
Comment on Server Auto-Lockdown by Miguel Fernandez
Tracker Comment Comment on Block Download and Install / Install Buttons in Server Update Page on Windows by External U.
structure on my development computers and per the Lockdown Guide on my Windows production server).
The only way I've been able to get the updates to install properly from the CF Administrator is as follows:
1. Change the ColdFusion service account to run as the local Administrator account.
2. Stop
to the lockdown guide:
Download and Install Windows tool named SubInACL.exe from
http://www.microsoft.com/en-us/download/confirmation.aspx?id=23510
Then, run the following to give stop/start permissions to the new secure user:
"C:\Program Files (x86)\Windows Resource Kits\Tools\subinacl.exe" /service "\\\Cold
Vincent Krist I am unable to install Update 8 on our CF 2016 server. The server is running CF 2016 Update 7 on Windows Server 2008 R2. Coldfusion 2016 was originally installed using Pete Freitag's lockdown guide and we have never had any problems installing the previous updates. The Coldfusion
Tracker Comment Comment on Sporadic StackOverflowError involving coldfusion.security.BasicPolicy since CF2016HF12 by Chris D.
6439313 CF-4205821 Chris D. We can't reproduce it on demand either. These stack overflow errors started after applying Update 12 in October and has gotten much worse in the last six weeks since installing Update 13.
Our CF2016 Update 13 servers are locked down per the CF lockdown guide. Windows
for this seems to have first started. In the old lockdown guides for CF10 and CF 11, the reference for editing server.xml was limited to Linux installations (apparently CF Admin took care of this under the hood in Windows in that case).
As it is I'm heavily inclined to leave my workaround in place
5369952 CF-4204032 Installation/Config : Connector unable to stat uriworkermap.properties error logged in mod_jk.log Problem Description:
As soon as ColdFusion 2018 update 2 was installed and the Apache connector was rebuilt, we are seeing this following error in mod_jk.log, repeatedly.
[Thu Feb
Tracker Comment Comment on CF11 update 8 doesn't install properly by External U.
Comment on CF11 update 8 doesn't install properly by External U.
\hf-updates\updates.xml. This file is nothing more than an XML file that contains a list of applied updates.
Adobe issues a Lockdown Guide that HIGHLY recommends that ColdFusion be run under a local user account with limited permissions. This prevents ColdFusion Updates from being installed even when the above file or even
Comment on "Download and Install" fails when installing on Update 1 by External U.
Comment on "Download and Install" fails when installing on Update 1 by S P.
Full Control) prior to running CF's installer.
According to Nimit, it is not related to the lock-down steps. Just mentioning it FWIW.
Related thread: http://prerelease.adobe.com/r/?8b745481c2d34200a84f12e3a5cb8bcb
----------------------------- Additional Watson Details
Tracker Comment Comment on ColdFusion 11 Updates do NOT install when ColdFusion is running as local user account by External U.
Comment on ColdFusion 11 Updates do NOT install when ColdFusion is running as local user account by External U.
Tracker Comment Comment on ColdFusion 11 Updates do NOT install when ColdFusion is running as local user account by S P.
Comment on ColdFusion 11 Updates do NOT install when ColdFusion is running as local user account by S P.
Charlie Arehart Doug, as for that jvm flag, if you read to the end of that section in the security bulletin , you'll see it attempts to clarify things, saying "Set the JVM flags on a JEE installation
Tracker Issue Database driver memory leak
-database-drivers-leaking-memory
Steps to Reproduce: Install ColdFusion 10 or 11 x64 on Microsoft Windows 2008 R2 x64. Follow ColdFusion-lockdown guides. Setup multiple websites and multiple datasources, all on Microsoft SQL Server. Let websites run over time with 4096MB heap size.
Actual Result: Over time, java
Team for help with this on CFsup@adobe.com
I hope this post helps though.
Installing ColdFusion 2016 in Distributed Mode under Windows/IIS:
- Install IIS (and URL Rewrite) on the Distributed Web Server
- Install Visual C++ 2012 x64