displaying top 100 results
Tracker Issue Linux Installer points to cf11 lockdown guide
Linux Installer points to cf11 lockdown guide
Tracker Issue Link to lockdown guide in installer returns a 404
Link to lockdown guide in installer returns a 404
Lockdown tool prevents selecting instance to lockdown when locked down instances > 10
Comment on Link to lockdown guide in installer returns a 404 by Piyush K.
Comment on Link to lockdown guide in installer returns a 404 by Piyush K.
Comment on Linux Installer points to cf11 lockdown guide by CFwatson U.
Comment on Linux Installer points to cf11 lockdown guide by CFwatson U.
Tracker Issue In the lockdown guide environment, after uninstalling the CF11 HF7 a manual restart of server is required.
In the lockdown guide environment, after uninstalling the CF11 HF7 a manual restart of server is required.
Tracker Issue CF2018 Auto lockdown not able to complete, if Add-on, ODBC and .NET service services are not installed in Windows environment.
CF2018 Auto lockdown not able to complete, if Add-on, ODBC and .NET service services are not installed in Windows environment.
Portal Comment Comment on Server Auto-Lockdown by Charlie Arehart
Comment on Server Auto-Lockdown by Charlie Arehart
Tracker Issue Typo in Lockdown Installer: intall
Typo in Lockdown Installer: intall
Adobe ColdFusion Security Best Practices (Server Auto-Lockdown)
Portal Comment Comment on Apply the Server Auto-Lockdown to a site without re-installing the Lockdown tool by SauravGhosh
Comment on Apply the Server Auto-Lockdown to a site without re-installing the Lockdown tool by SauravGhosh
Portal Topic Coldfusion 2018 Auto Lockdown tool
Coldfusion 2018 Auto Lockdown tool
Tracker Comment Comment on In the lockdown guide environment, after uninstalling the CF11 HF7 a manual restart of server is required. by Awdhesh K.
Comment on In the lockdown guide environment, after uninstalling the CF11 HF7 a manual restart of server is required. by Awdhesh K.
Portal Topic Server Auto-Lockdown
Server Auto-Lockdown
Apply the Server Auto-Lockdown to a site without re-installing the Lockdown tool
Tracker Issue [ANeff] Bug for: Auto-Lockdown installer missing
[ANeff] Bug for: Auto-Lockdown installer missing
Comment on Passwords are written to lockdown_logs.txt by Peter F.
Portal Comment Comment on Server Auto-Lockdown by Carl Meyer
Comment on Server Auto-Lockdown by Carl Meyer
Portal Topic ColdFusion 2018 Lockdown Guide
ColdFusion 2018 Lockdown Guide
Portal Comment Comment on Server Auto-Lockdown by RAHUL UPADHYAY
Comment on Server Auto-Lockdown by RAHUL UPADHYAY
Portal Comment Comment on ColdFusion 2018 Lockdown Guide by David Byers
Comment on ColdFusion 2018 Lockdown Guide by David Byers
Tracker Issue Installer rolls back if wsconfig is left open
4476634 CF-4202932 Security : LockdownGuide Installer rolls back if wsconfig is left open Problem Description: If you accidentally leave wsconfig running while running the lockdown installer it fails half way through and has to roll back its changes. Ideally it could be checked at installer
Tracker Issue [Lockdown] CF Scripts URI Should be Random
[Lockdown] CF Scripts URI Should be Random
Tracker Issue Passwords are written to lockdown_logs.txt
Passwords are written to lockdown_logs.txt
Portal Comment Comment on Server Auto-Lockdown by Michael Brown
Comment on Server Auto-Lockdown by Michael Brown
Portal Comment Comment on Server Auto-Lockdown by philg15796544
Comment on Server Auto-Lockdown by philg15796544
Tracker Comment Comment on Installer Errored by Kailash B.
4214896 CF-4202005 Kailash B. Hi,
Can you please attach the log file created at: [ColdFusion Home]\lockdown\lockdown_logs.txt?
It will help us in debugging the issue.
Thanks,
Kailash
Comment on Lockdown Installer Rolls back if Apache is Stopped by Kailash B.
Comment on [ANeff] Bug for: Auto-Lockdown installer missing by Immanuel N.
Portal Comment Comment on ColdFusion 2018 Lockdown Guide by Tony Cap_408
Comment on ColdFusion 2018 Lockdown Guide by Tony Cap_408
Tracker Issue Lockdown Installer does not report fatal errors as fatal
Lockdown Installer does not report fatal errors as fatal
Comment on [ANeff] Bug for: CF2018 Lockdown Guide URLs by Vamseekrishna N.
Tracker Comment Comment on [Lockdown] CF Scripts URI Should be Random by John W.
Comment on [Lockdown] CF Scripts URI Should be Random by John W.
Portal Comment Comment on ColdFusion 2018 Lockdown Guide by mattInVail
Comment on ColdFusion 2018 Lockdown Guide by mattInVail
Tracker Issue Lockdown Installer should find port from server.xml
Lockdown Installer should find port from server.xml
Tracker Comment Comment on Lockdown Installer: The BACKUP object with identifier LockDownBackup already exists. by Kailash B.
Comment on Lockdown Installer: The BACKUP object with identifier LockDownBackup already exists. by Kailash B.
Lockdown Installer: The BACKUP object with identifier LockDownBackup already exists.
Linux Lockdown Installer should not require OS account passwords
Tracker Issue Silent installer - breaks ALL IIS connection pools - check params before doing anything
6750169 CF-4206954 Installation/Config : Lockdown Installer Silent installer - breaks ALL IIS connection pools - check params before doing anything I had run the lockdown tool in silent mode but a typo in the properties file for the “SILENT_WEBSITES_TO_LOCKDOWN” attribute (web site didn
Portal Comment Comment on Server Auto-Lockdown by Saurav Ghosh
Comment on Server Auto-Lockdown by Saurav Ghosh
Portal Comment Comment on Server Auto-Lockdown by Saurav Ghosh
Comment on Server Auto-Lockdown by Saurav Ghosh
SauravGhosh Its referring to auto lockdown.
For JDK, we recommend that you are on the latest update.
Comment on Coldfusion 2018 Auto Lockdown tool by Charlie Arehart
Lockdown Installer Should default Domain to Computer Name
Tracker Issue [ANeff] Bug for: CF2018 Lockdown Guide URLs
[ANeff] Bug for: CF2018 Lockdown Guide URLs
Tracker Issue [ANeff] Bug for: CF2018 Lockdown Guide URLs
[ANeff] Bug for: CF2018 Lockdown Guide URLs
Tracker Issue [ANeff] Bug for: CF2018 Lockdown Guide URLs
[ANeff] Bug for: CF2018 Lockdown Guide URLs
Tracker Issue Lockdown Installer Download is not HTTPS
Lockdown Installer Download is not HTTPS
Tracker Comment Comment on CF2016 sandobx bug? by S P.
2672512 CF-4193907 S P. Hi Jim,
Does this happen to you on CF10/11 lockdown guide setup as well?
Thanks!
2609893 CF-3750729 External U. @Adam, yeah, lol Adobe, just remove the /CFIDE mapping (per lockdown guide) and try running hmm
Comment on Lockdown Installer should find port from server.xml by Kailash B.
Comment on Passwords are written to lockdown_logs.txt by Kailash B.
Comment on [ANeff] Bug for: CF2018 Lockdown Guide URLs by Aaron N.
Comment on [Lockdown] CF Scripts URI Should be Random by James M.
Tracker Comment Comment on Lockdown Installer does not use inheritance for file permissions by Aaron N.
Comment on Lockdown Installer does not use inheritance for file permissions by Aaron N.
Comment on [Lockdown] CF Scripts URI Should be Random by Aaron N.
Comment on Lockdown Installer Rolls back if Apache is Stopped by Manas M.
Tracker Comment Comment on Lockdown Installer does not use inheritance for file permissions by Kailash B.
Comment on Lockdown Installer does not use inheritance for file permissions by Kailash B.
David Byers Best Practices for Secure Password Storage in ColdFusion The biggest mistake that a developer can make is to store passwords in the clear.
The post Best Practices for Secure Password Storage in ColdFusion appeared first on ColdFusion. Blog,Lockdown,Security,blog,ColdFusion,lockdown,security
Fusion. Discussion,Lockdown,Security,2018,discussion,licensing,lockdown,Oracle,security
Lockdown Installer does not use inheritance for file permissions
Tracker Comment Comment on [ANeff] Bug for: imageWrite applies temp directory permissions in some cases by External U.
2672729 CF-4175138 External U. Hi Preethi!,
Very sorry for the delay. I -think- the issue only arises if Lockdown Guide is applied. In the description, I said it did not matter if Lockdown Guide was applied or not. But, I think I was wrong there. I'll test today and follow-up.
Thanks!,
-Aaorn
Tracker Comment Comment on Coldfusion 11 Update 2 impossible due to error in Coldfusion Administrator by Adobe D.
2609506 CF-3840648 Adobe D. Have you applied any of the steps in the lockdown guide (link given below) before getting update 2 ?
http://www.adobe.com/content/dam/Adobe/en/products/coldfusion/pdfs/cf11/cf11-lockdown-guide.pdf
(Comment added from ex-user id:amkum)
2612264 CF-3533394 External U. according to CF10 lockdown guide, pls add request filtering to block access to /CFIDE
http://www.adobe.com/content/dam/Adobe/en/products/coldfusion/pdfs/cf10/cf10-lockdown-guide.pdf
Tracker Issue Rollback of Lockdown Installer caused 500 server error
Rollback of Lockdown Installer caused 500 server error
Tracker Issue Lockdown Installer Rolls back if Apache is Stopped
Lockdown Installer Rolls back if Apache is Stopped
NumberFormatException when running Linux Lockdown Installer
Tracker Comment Comment on Lockdown Installer Failed to Restart Apache on RHEL 7.5 on SELinux by Peter F.
Comment on Lockdown Installer Failed to Restart Apache on RHEL 7.5 on SELinux by Peter F.
Portal Comment Comment on Server Auto-Lockdown by Giancarlo Gomez
Comment on Server Auto-Lockdown by Giancarlo Gomez
Portal Comment Comment on Server Auto-Lockdown by nickj24525839
Comment on Server Auto-Lockdown by nickj24525839
2673089 CF-4152217 External U. ALSO occurs in CF11 update 8 but NOT in CF10 update 19 (both setup using the lockdown guide as well)
Tracker Comment Comment on Lockdown Installer Failed to Restart Apache on RHEL 7.5 on SELinux by Peter F.
Comment on Lockdown Installer Failed to Restart Apache on RHEL 7.5 on SELinux by Peter F.
Comment on Lockdown Installer Rolls back if Apache is Stopped by Peter F.
Comment on Lockdown Installer Rolls back if Apache is Stopped by Manas M.
Tracker Comment Comment on cf_scripts/scripts Virtual Directory Breaks Administrator by HariKrishna K.
4869295 CF-4203348 HariKrishna K. Thanks for confirmation, we will publish the lock-down guide for CF 2018 very shortly.
Comment on [Lockdown] CF Scripts URI Should be Random by Miguel F.
Tracker Comment Comment on Isolate the /CFIDE/scripts directory from the rest of /CFIDE by External U.
new server is move and lockdown CFIDE and the scripts folder. It's even part of the Lockdown Guide so why not just fix this?
Tracker Comment Comment on Block Download and Install / Install Buttons in Server Update Page on Windows by External U.
2612023 CF-3564422 External U. The updater regularly throws errors about insufficient permissions when running through the CF Administrator. I've seen this on my Windows 2008R2 (64-bit) server on which the Lockdown Guide has been run. I've also had this happen on both of my Windwos 7 64-bit
Tracker Comment Comment on Lockdown Installer does not use inheritance for file permissions by Kailash B.
Comment on Lockdown Installer does not use inheritance for file permissions by Kailash B.
Tracker Issue Lockdown installer 1 NonFatalErrors on Win 2016
Lockdown installer 1 NonFatalErrors on Win 2016
first on ColdFusion. Blog,Lockdown,Security,blog,lockdown,security,updates
Benjamin Reid I am not saying anyone running cf2018 would encounter this issue.I am experiencing it though.I really just wanted some help to figure out my issue.I have applied a lockdown, in accordance with the official 2018 lockdown guide from Pete Freitag, although I am not expecting
Tracker Comment Comment on Automatic updates improvements by External U.
2612134 CF-3554978 External U. +1
This recently bit me - when following the Lockdown guide.
Though I think the documentation in the lockdown guide could be altered slightly, too.
Simply, have the DENY rule for / CFIDE/scripts removed prior to the update process - then re-enable it after
Portal Comment Comment on Server Auto-Lockdown by Charlie Arehart
Comment on Server Auto-Lockdown by Charlie Arehart
Vamseekrishna Nanneboina Regarding #2, the primary reason for refreshing the installers was to bundle Java 11, so the scope was kind of limited to Java 11 and Update 2 bug fixes. We've also added support for the Lockdown installer for Mac OS X. We will see if anything can be done to fix #1 outside
Miguel Fernandez SauravGhosh – when you guys add security features like this in an update are you also updating the Server Auto-Lockdown installer to include them? (I realize this only applies to ColdFusion 2018)
DougCain Hi Saurav, also noticed a couple of notes on the bulletin:
"Customers who have followed the lockdown procedures during installation are not impacted by this issue. "
Is this referring to manual and/or auto lock down?
If so the the issue only affects windows users that have not run
Tracker Comment Comment on SELinux issues with ColdFusion 10 update 18 connector (10,0,18,296330) by External U.
2608457 CF-4090377 External U. The following command, does allow me to run SELinux in permissive mode again.
chcon -R -t httpd_sys_rw_content_t /opt/coldfusion10/config
You should make sure to update the Lockdown instructions to make sure this is included!
Tracker Comment Comment on Coldfusion 11 Update 2 impossible due to error in Coldfusion Administrator by External U.
2609506 CF-3840648 External U. I am getting the exact same error. I have CF11 installed with no updates applied so far. I am also using the-built in web server and have not applied any lockdown steps or enabled secure mode.
Tracker Comment Comment on Can't Add Datasource by External U.
2611127 CF-3639079 External U. I've seen this happen before. I think it was related to IIS restrictions that may get applied when following the ColdFusion Lockdown Guide. I'm going on memory here from something I saw last year. It's worth a check.
Tracker Comment Comment on Automatic updates improvements by External U.
2612134 CF-3554978 External U. This is quite important as the official CF 10 lockdown guide tells you to put request DENY on the CFIDE/scripts directory, which is required to get updates via the automatic updater. If you follow that advice (and you should), updates won't succeed and you'll be left
Comment on [ANeff] Bug for: CF2018 Lockdown Guide URLs by Aaron N.
Comment on [ANeff] Bug for: CF2018 Lockdown Guide URLs by Aaron N.
Comment on [ANeff] Bug for: CF2018 Lockdown Guide URLs by Aaron N.
4467319 CF-4202894 Aaron N. Wish I could edit. Please ignore the "Maybe in next updater?" as that doesn't even make sense.
Issue should be fixed in next refresh of the installers. The Developer Edition installer flow should not have been changed in CF2018. One doesn't typically lockdown one's Dev
Tracker Comment Comment on Lockdown Installer does not use inheritance for file permissions by Peter F.
Comment on Lockdown Installer does not use inheritance for file permissions by Peter F.
Tracker Issue Installer Errored
4214896 CF-4202005 Installation/Config : Lockdown Installer Installer Errored Problem Description: I got an error running the lockdown installer - see attached log file.
Steps to Reproduce:
Started with a fresh Windows 2016 server on EC2. Installed IIS. Deleted the Default Web Site, created two
Tracker Issue "Download and Install" fails when installing on Update 1
quick hit on the update log revealed permission issues.
Steps to Reproduce:
Install CF2016 and follow the Lockdown guide completely (especially the part about the CFUser)
Actual Result:
The hotfix wasn't applied. Looks like it can't access/delete certain files.
Expected Result:
Hotfix