Administering the ColdFusion Server
|
|
Chapter 9 : Configuring Basic Security
|
Configuring Basic Runtime Security
Basic security lets you disable execution of seven CFML tags that could present security hazards. You can, however, specify a special directory, called the Unsecured Tags Directory; this is the only directory from which ColdFusion will execute tags you disable with Basic security. Tags you disable with Basic security remain disabled if you switch to Advanced security.
 |
To restrict tag execution
|
- Open the ColdFusion Administrator and click the Basic Security link.
You see the Basic Server Security Page.
- Under Tag Restrictions, remove the check mark from the check box that appears in front of each tag you want to disable. You can block execution of the following tags:
- CFDIRECTORY
- CFFILE
- CFCONTENT
- CFOBJECT
- CFREGISTRY
- CFSECURITYADMIN
- CFEXECUTE
- To specify a directory from which otherwise blocked tags can be executed, enter a fully qualified path (using forward slashes) in the Unsecured Tags Directory field. By default, this is the directory in which the ColdFusion Administrator is installed.
ColdFusion displays an error message when it encounters a restricted tag in an application. For more information about these tags, see to the CFML Language Reference.
Copyright © 1999, Allaire Corporation. All rights reserved.
|
|