search : lockdown

select a category, or use search below
(searches all categories and all time range)

displaying top 100 results

ColdFusion 2018 Lockdown Guide
Typo in Lockdown Installer: intall
Lockdown Installer should find port from server.xml
[ANeff] Bug for: CF2018 Lockdown Guide URLs
[ANeff] Bug for: CF2018 Lockdown Guide URLs
[ANeff] Bug for: CF2018 Lockdown Guide URLs
Lockdown Installer Download is not HTTPS
NumberFormatException when running Linux Lockdown Installer
Lockdown installer 1 NonFatalErrors on Win 2016
Comment on ColdFusion 2018 Lockdown Guide by David Byers
Comment on ColdFusion 2018 Lockdown Guide by Tony Cap_408
Lockdown Installer does not report fatal errors as fatal
Comment on ColdFusion 2018 Lockdown Guide by mattInVail
Lockdown Installer: The BACKUP object with identifier LockDownBackup already exists.
Linux Lockdown Installer should not require OS account passwords
Lockdown Installer Should default Domain to Computer Name
Lockdown Installer does not use inheritance for file permissions
Rollback of Lockdown Installer caused 500 server error
Lockdown Installer Rolls back if Apache is Stopped
Comment on Server Auto-Lockdown by Charlie Arehart
Server Auto-Lockdown
Comment on Lockdown Installer Rolls back if Apache is Stopped by Kailash B.
Comment on [ANeff] Bug for: CF2018 Lockdown Guide URLs by Vamseekrishna N.
Comment on Lockdown Installer: The BACKUP object with identifier LockDownBackup already exists. by Kailash B.
Comment on Lockdown Installer should find port from server.xml by Kailash B.
Comment on [ANeff] Bug for: CF2018 Lockdown Guide URLs by Aaron N.
Comment on Lockdown Installer does not use inheritance for file permissions by Aaron N.
Comment on Lockdown Installer Rolls back if Apache is Stopped by Manas M.
Comment on Lockdown Installer does not use inheritance for file permissions by Kailash B.
Comment on Lockdown Installer Failed to Restart Apache on RHEL 7.5 on SELinux by Peter F.
Comment on Lockdown Installer Failed to Restart Apache on RHEL 7.5 on SELinux by Peter F.
Comment on Lockdown Installer Rolls back if Apache is Stopped by Peter F.
Comment on Lockdown Installer Rolls back if Apache is Stopped by Manas M.
Comment on Lockdown Installer does not use inheritance for file permissions by Kailash B.
Comment on [ANeff] Bug for: CF2018 Lockdown Guide URLs by Aaron N.
Comment on [ANeff] Bug for: CF2018 Lockdown Guide URLs by Aaron N.
Comment on [ANeff] Bug for: CF2018 Lockdown Guide URLs by Aaron N.
Comment on Lockdown Installer does not use inheritance for file permissions by Peter F.
Comment on Lockdown Installer Failed to Restart Apache on RHEL 7.5 on SELinux by Kailash B.
Lockdown Installer Failed to Restart Apache on RHEL 7.5 on SELinux
[ANeff] Bug for: Auto-Lockdown installer missing
Comment on Passwords are written to lockdown_logs.txt by Peter F.
Comment on Link to lockdown guide in installer returns a 404 by Piyush K.
Comment on Server Auto-Lockdown by RAHUL UPADHYAY
4476634 CF-4202932 Security : LockdownGuide Installer rolls back if wsconfig is left open Problem Description: If you accidentally leave wsconfig running while running the lockdown installer it fails half way through and has to roll back its changes. Ideally it could be checked at installer
[Lockdown] CF Scripts URI Should be Random
Passwords are written to lockdown_logs.txt
Comment on Server Auto-Lockdown by Michael Brown
Comment on Server Auto-Lockdown by philg15796544
Linux Installer points to cf11 lockdown guide
4214896 CF-4202005 Kailash B. Hi, Can you please attach the log file created at: [ColdFusion Home]\lockdown\lockdown_logs.txt? It will help us in debugging the issue. Thanks, Kailash
Comment on [ANeff] Bug for: Auto-Lockdown installer missing by Immanuel N.
Link to lockdown guide in installer returns a 404
In the lockdown guide environment, after uninstalling the CF11 HF7 a manual restart of server is required.
CF2018 Auto lockdown not able to complete, if Add-on, ODBC and .NET service services are not installed in Windows environment.
2672512 CF-4193907 S P. Hi Jim, Does this happen to you on CF10/11 lockdown guide setup as well? Thanks!
2609893 CF-3750729 External U. @Adam, yeah, lol Adobe, just remove the /CFIDE mapping (per lockdown guide) and try running hmm
Comment on Passwords are written to lockdown_logs.txt by Kailash B.
Comment on [Lockdown] CF Scripts URI Should be Random by James M.
Comment on [Lockdown] CF Scripts URI Should be Random by Aaron N.
2672729 CF-4175138 External U. Hi Preethi!, Very sorry for the delay. I -think- the issue only arises if Lockdown Guide is applied. In the description, I said it did not matter if Lockdown Guide was applied or not. But, I think I was wrong there. I'll test today and follow-up. Thanks!, -Aaorn
Comment on Link to lockdown guide in installer returns a 404 by Piyush K.
2609506 CF-3840648 Adobe D. Have you applied any of the steps in the lockdown guide (link given below) before getting update 2 ? http://www.adobe.com/content/dam/Adobe/en/products/coldfusion/pdfs/cf11/cf11-lockdown-guide.pdf (Comment added from ex-user id:amkum)
2612264 CF-3533394 External U. according to CF10 lockdown guide, pls add request filtering to block access to /CFIDE http://www.adobe.com/content/dam/Adobe/en/products/coldfusion/pdfs/cf10/cf10-lockdown-guide.pdf
Comment on Server Auto-Lockdown by Giancarlo Gomez
2673089 CF-4152217 External U. ALSO occurs in CF11 update 8 but NOT in CF10 update 19 (both setup using the lockdown guide as well)
Comment on Linux Installer points to cf11 lockdown guide by CFwatson U.
Comment on In the lockdown guide environment, after uninstalling the CF11 HF7 a manual restart of server is required. by Awdhesh K.
4869295 CF-4203348 HariKrishna K. Thanks for confirmation, we will publish the lock-down guide for CF 2018 very shortly.
Comment on [Lockdown] CF Scripts URI Should be Random by Miguel F.
new server is move and lockdown CFIDE and the scripts folder. It's even part of the Lockdown Guide so why not just fix this?
2612023 CF-3564422 External U. The updater regularly throws errors about insufficient permissions when running through the CF Administrator. I've seen this on my Windows 2008R2 (64-bit) server on which the Lockdown Guide has been run. I've also had this happen on both of my Windwos 7 64-bit
Benjamin Reid I am not saying anyone running cf2018 would encounter this issue.I am experiencing it though.I really just wanted some help to figure out my issue.I have applied a lockdown, in accordance with the official 2018 lockdown guide from Pete Freitag, although I am not expecting
2612134 CF-3554978 External U. +1 This recently bit me - when following the Lockdown guide. Though I think the documentation in the lockdown guide could be altered slightly, too. Simply, have the DENY rule for / CFIDE/scripts removed prior to the update process - then re-enable it after
Comment on Server Auto-Lockdown by Charlie Arehart
Vamseekrishna Nanneboina Regarding #2, the primary reason for refreshing the installers was to bundle Java 11, so the scope was kind of limited to Java 11 and Update 2 bug fixes. We've also added support for the Lockdown installer for Mac OS X.  We will see if anything can be done to fix #1 outside
Miguel Fernandez SauravGhosh – when you guys add security features like this in an update are you also updating the Server Auto-Lockdown installer to include them? (I realize this only applies to ColdFusion 2018)
2608457 CF-4090377 External U. The following command, does allow me to run SELinux in permissive mode again. chcon -R -t httpd_sys_rw_content_t /opt/coldfusion10/config You should make sure to update the Lockdown instructions to make sure this is included!
2609506 CF-3840648 External U. I am getting the exact same error. I have CF11 installed with no updates applied so far. I am also using the-built in web server and have not applied any lockdown steps or enabled secure mode.
2611127 CF-3639079 External U. I've seen this happen before. I think it was related to IIS restrictions that may get applied when following the ColdFusion Lockdown Guide. I'm going on memory here from something I saw last year. It's worth a check.
2612134 CF-3554978 External U. This is quite important as the official CF 10 lockdown guide tells you to put request DENY on the CFIDE/scripts directory, which is required to get updates via the automatic updater. If you follow that advice (and you should), updates won't succeed and you'll be left
4467319 CF-4202894 Aaron N. Wish I could edit. Please ignore the "Maybe in next updater?" as that doesn't even make sense. Issue should be fixed in next refresh of the installers. The Developer Edition installer flow should not have been changed in CF2018. One doesn't typically lockdown one's Dev
Tracker Issue Installer Errored
4214896 CF-4202005 Installation/Config : Lockdown Installer Installer Errored Problem Description: I got an error running the lockdown installer - see attached log file. Steps to Reproduce: Started with a fresh Windows 2016 server on EC2. Installed IIS. Deleted the Default Web Site, created two
quick hit on the update log revealed permission issues. Steps to Reproduce: Install CF2016 and follow the Lockdown guide completely (especially the part about the CFUser) Actual Result: The hotfix wasn't applied. Looks like it can't access/delete certain files. Expected Result: Hotfix
2609851 CF-3757675 AJAX : UI Components Aaron Neff [ANeff] Bug for: cfmap requires /CFIDE CF hardcodes /CFIDE in script src path to mapiconmaker.js. This breaks some map functionality when implementing the Lockdown Guide. Steps to Reproduce: (this example shows that zoom-to-show-user becomes
RAHUL UPADHYAY ColdFusion 2018 Add-on installers ColdFusion 2018 Add-on installers are available on https://www.adobe.com/support/coldfusion/downloads.html It includes installers for: COLDFUSION (2018 RELEASE) PERFORMANCE MONITORING TOOLSET COLDFUSION (2018 RELEASE) SERVER AUTO-LOCKDOWN COLDFUSION
Charlie Arehart Hidden Gems in CF2018, part 3 – Security, Performance, and the PMT Part 3 of the series moves on to covering the new CF2018 Auto Lockdown tool, various performance enhancements, and the new CF2018 Performance Monitoring Toolset (PMT). The post Hidden Gems in CF2018, part 3
Aaron Neff Hi All, These CF2018 Public Beta installers have been re-refreshed about 14 hours ago: - ColdFusion Windows installer - Performance Monitoring Toolset Windows installer - Automated Lockdown Windows installer CF build# changed from 2018.0.0.310409 to 2018.0.0.310608. The refreshed PMT
Coldfusion services with dedicated user and not with "Local system" as adviced by "cf11-lockdown-guide" Regards Pierre
4467319 CF-4202894 Aaron N. Hi Hari, Thanks very much, but what sense does it make to require manual wsconfig or Auto-Lockdown when installing CF as developer edition? That's a turn off. Making a simple thing complicated. Do you see what I mean? Installing Developer edition and configuring a site
and correct it. Are there any plans for a CF 2018 lockdown guide? It's a little weird using the one from 2016.
as to the urgency/importance/value.) As for you saying you applied lockdown, well, do you mean that you ran the CF2018 autolockdown tool (which the 2018 version of the lockdown guide now has you do)? If so, that may well be the cause of your issue (and why others may not be seeing it). That lockdown tool does
Comment on Server Auto-Lockdown by Miguel Fernandez
RAHUL UPADHYAY How to install ColdFusion updates manually Sometimes, CF administrator UI update installation could fail due to permissions, lockdown guide, network restrictions etc. You can follow below instructions to apply updates manually. Navigate to https
the following: Auto-discovery of nodes in Performance Monitoring Toolset Updated text in Server Lockdown installer screens More than 120 bug fixes For more information, see the blog, Adobe ColdFusion (2018 Release) Public Beta. The post ColdFusion (2018 release) Public Beta Refreshed Installers appeared first
Michaela Light Modernization of Adobe ColdFusion Helped Improving Security, Deployment and Other Important Aspects With the modernization of Adobe ColdFusion, we are witnessing some major improvements in many fields. Security is just one of many. Auto Lockdown features, Containerization and many