tracker issue : CF-4013824

select a category, or use search below
(searches all categories and all time range)
Title:

Make CFAdmin a separately installable app

| View in Tracker

Status/Resolution/Reason: Closed/Won't Fix/

Reporter/Name(from Bugbase): Adam Cameron / Adam Cameron (Adam Cameron)

Created: 06/29/2015

Components: Administrator

Versions: 11.0

Failure Type: Enhancement Request

Found In Build/Fixed In Build: CF11_Final /

Priority/Frequency: Trivial / Unknown

Locale/System: English / Platforms All

Vote Count: 8

From http://blog.adamcameron.me/2015/06/what-id-like-to-see-in-coldfusion12.html#CFAdmin

Make CFAdmin a separate module that can be optionally installed. Do not include it by default.

Decouple it psychologically from the concept of a CFML server, and something that should not, intrinsically, exist on a server.

Ideally make it so to can do its work remote to the server it's configuring.

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	4013824

External Customer Info:
External Company:  
External Customer Name: Adam
External Customer Email:  
External Test Config: My Hardware and Environment details:

Attachments:

Comments:

From a security point of view this would be the right way to do it!
Vote by External U.
6917 | June 29, 2015 03:29:49 AM GMT
+1 for this feature. It would be very nice to be able to disable this from a security standpoint.
Vote by External U.
6918 | June 29, 2015 08:14:16 AM GMT
Definitely. The admin has been one of the worst security holes in so many releases, it should not be part of a production install. At least not by default.
Vote by External U.
6919 | June 29, 2015 11:13:39 AM GMT
security point of view this would be great to secure admin-console
Vote by External U.
6920 | June 29, 2015 04:18:06 PM GMT
To improve security this should be a separate component/application to the CF engine. The install location should be our choice.
Vote by External U.
6921 | June 29, 2015 05:11:00 PM GMT
Agree 1000%. Since CFBuilder licenses come with CF server licenses, why not integrate it there?
Vote by External U.
6922 | June 29, 2015 05:31:38 PM GMT
+1 security should be a priority and this is one less attack vector
Vote by External U.
6923 | June 30, 2015 02:45:06 AM GMT
Agree. Should be easier to lock CF down by default
Vote by External U.
6924 | July 06, 2015 01:53:14 PM GMT
Can you pls not simply close a ticket "never fix" without explaining yourselves to your clients, 9 of whom have expressly indicated interest in this?
Comment by External U.
6916 | September 25, 2015 04:32:48 AM GMT