Section 12.2.4
Top Level
General

Eliminate all unused files (e.g., logs, sample applications, documentation, unused features) from Web/app server applications. Install the latest patches. Eliminate unused accounts. Change default passwords. If possible, remove compilers from production systems. Refer to the Server Hardening Checklists for more information.

ColdFusion

Restrict access to the following subdirectories under the \CFIDE directory to specific IP addresses and/or user groups/accounts:

  • adminapi
  • administrator
  • componentutils
  • wizards

Remove the \cfdocs directory. Sample applications are installed by default in the cfdocs directory and are accessible to anyone. These applications should never be available on a production server.
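
One way to audit a web root against the two ColdFusion items above (an added example, not part of the original checklist). It only reports which directories are present; whether the web server actually restricts them must still be verified in the server configuration. The function names and the temporary web root in `demo()` are constructed for illustration.

```python
import os
import tempfile

# Subdirectories of CFIDE that the checklist says must be access-restricted.
RESTRICTED_CFIDE_SUBDIRS = ("adminapi", "administrator", "componentutils", "wizards")


def _find_child(parent, name):
    """Return the path of a child directory matching name case-insensitively, or None."""
    try:
        entries = os.listdir(parent)
    except OSError:
        return None
    for entry in entries:
        path = os.path.join(parent, entry)
        if entry.lower() == name.lower() and os.path.isdir(path):
            return path
    return None


def audit_webroot(webroot):
    """Return (action, path) findings: 'remove' for cfdocs, 'restrict' for CFIDE subdirs."""
    findings = []
    cfdocs = _find_child(webroot, "cfdocs")
    if cfdocs:
        findings.append(("remove", cfdocs))
    cfide = _find_child(webroot, "CFIDE")
    if cfide:
        for sub in RESTRICTED_CFIDE_SUBDIRS:
            path = _find_child(cfide, sub)
            if path:
                findings.append(("restrict", path))
    return findings


def demo():
    """Build a constructed web root in a temp directory and audit it."""
    with tempfile.TemporaryDirectory() as root:
        for rel in ("cfdocs/exampleapps", "CFIDE/Administrator", "CFIDE/adminapi", "CFIDE/scripts"):
            os.makedirs(os.path.join(root, rel))
        return [(kind, os.path.relpath(p, root).replace(os.sep, "/"))
                for kind, p in audit_webroot(root)]


if __name__ == "__main__":
    for kind, path in demo():
        print(f"{kind:8} {path}")
```

Directory names are matched case-insensitively because the same installation may appear as `Administrator` or `administrator` depending on platform.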

Natural Webagent
Refer to the general guidelines (e.g., don't migrate archive directories to production).