What is the best practice to protect coldfusion administrator login page

Hi all,
Can someone suggest what is the best practice to protect the administrator login? At the moment, there is only the normal administrator page password to protect. It seems like not very secure especially when the application is on the internet.
Regards,
Bubblegum.

You can protect the page with file system level privs.  Setup a new virtual server that maps to a seperate copy of /cfide (and remove /admin and /adminapi from the other cfide folder your internet sites use).  Limit what IP addresses can hit /cfide.
We run multiple instances, so we connect directly to each instance to manage it.  And those ports aren't accessable on the internet.  To top it off, we have an ISAPI ReWrite rule that sends a 404 if you try /cfide/administrator or adminapi.
If you're using CF8, you can set it up so it requires a specific username instead of a generic name.

Similar Messages

  • What is the best way to protect it?

    I HATE getting scratches or any sort of cosmetical damage on my devices, I am getting my first MBP on Friday, and want to know what the best way to keep it like new is?
    It won't be leaving the house regularly for a while, but I do have a neoprene case which I think it will fit for travelling anyway.
    I have seen many people with cases on their Macs, I don't know what the proper name is for them, but they are like hard shells attached to the back of the lid, are these recommended? I have read about some heat issues with it.
    What is the best way to protect the screen? I don't ever touch it, so I don't think that will be a problem, but cleaning dust off etc.?
    Lastly, will the trackpad wear away? My laptop's trackpad has slightly faded from it being used a lot, are MBP's prone to this too? I will try to use a mouse as much as possible.
    Are there any other things I should know about? I read that the bottom can get scratched easily too? I would only use it on a flat surface, so something like my lap, so depending on how soft the metal is... It can't be that bad can it?
    Thanks!

    Wouldnt buy that, nope
    Hard cases protect the finish of your macbook, but they trap in heat, ....many here have spoken on same.
    A major part of a macbook pro, especially a RETINA PRO is dissipating heat from the alloy case, which this case prevents from happening.
    Yes, youre stopping all the scratch,.....and likewise keeping the Macbook from dissipating a lot of heat.
    When I said INCASE, I meant this:
    http://www.amazon.com/Incase-CL57482-Nylon-Sleeve-13-Inch/dp/B0043NTOKC/ref=sr_1 _1?ie=UTF8&qid=1382551803&sr=8-1&keywords=incase+carry

  • What are the best practices to connect 30-40 iPads to Wi-Fi in a single room?

    What are the best practices to connect 30-40 iPads to Wi-Fi in a single room?

    I don't use it but it does say this in the help section...

  • What are the best practices to migrate VPN users for Inter forest mgration?

    What are the best practices to migrate VPN users for Inter forest mgration?

    It depends on a various factors. There is no "generic" solution or best practice recommendation. Which migration tool are you planning to use?
    Quest (QMM) has a VPN migration solution/tool.
    ADMT - you can develop your own service based solution if required. I believe it was mentioned in my blog post.
    Santhosh Sivarajan | Houston, TX | www.sivarajan.com
    ITIL,MCITP,MCTS,MCSE (W2K3/W2K/NT4),MCSA(W2K3/W2K/MSG),Network+,CCNA
    Windows Server 2012 Book - Migrating from 2008 to Windows Server 2012
    Blogs: Blogs
    Twitter: Twitter
    LinkedIn: LinkedIn
    Facebook: Facebook
    Microsoft Virtual Academy:
    Microsoft Virtual Academy
    This posting is provided AS IS with no warranties, and confers no rights.

  • What are the best practices to replace a disk in 6140 ?

    What are the best practices to replace a disk in 6140?
    Regards

    The best way is to follow CAM Service Advisor instructions.

  • What is the best practice for changing view states?

    I have a component with two Pie Charts that display
    percentages at two specific dates (think start and end values).
    But, I have three views: Start Value only, End Value only, or show
    Both. I am using a ToggleButtonBar to control the display. What is
    the best practice for changing this kind of view state? Right now
    (since this code was inherited), the view states are changed in an
    ActionScript function which sets the visible and includeInLayout
    properties on each Pie Chart based on the selectedIndex of the
    ToggleButtonBar, but, this just doesn't seem like the best way to
    do this - not very dynamic. I'd like to be able to change the state
    based on the name of the selectedItem, in case the order of the
    ToggleButtons changes, and since I am storing the name of the
    selectedItem for future reference.
    Would using States be better? If so, what would be the best
    way to implement this?
    Thanks.

    I would stick with non-states, as I have always heard that
    states are more for smaller components that need to change under
    certain conditions, like a login screen that changes if the user
    needs to register.
    That said, if the UI of what you are dealing with is not
    overly complex, and if it will not become overly complex, maybe
    states is the way to go.
    Looking at your code, I don't think you'll save much in terms
    of lines of code.

  • What is the best practice in securing deployed source files

    hi guys,
    Just yesterday, I developed a simple image cropper using ajax
    and flash. After compiling the package, I notice the
    package/installer delivers the same exact source files as in
    developed to the installed folder.
    This doesnt concern me much at first, but coming to think of
    it. This question keeps coming out of my head.
    "What is the best practice in securing deployed source
    files?"
    How do we secure application installed source files from
    being tampered. Especially, when it comes to tampering of the
    source files after it's been installed. E.g. modifying spraydata.js
    files for example can be done easily with an editor.

    Hi,
    You could compute a SHA or MD5 hash of your source files on
    first run and save these hashes to EncryptedLocalStore.
    On startup, recompute and verify. (This, of course, fails to
    address when the main app's swf / swc / html itself is
    decompiled)

  • What is the best practice for inserting (unique) rows into a table containing key columns constraint where source may contain duplicate (already existing) rows?

    My final data table contains a two key columns unique key constraint.  I insert data into this table from a daily capture table (which also contains the two columns that make up the key in the final data table but are not constrained
    (not unique) in the daily capture table).  I don't want to insert rows from daily capture which already exists in final data table (based on the two key columns).  Currently, what I do is to select * into a #temp table from the join
    of daily capture and final data tables on these two key columns.  Then I delete the rows in the daily capture table which match the #temp table.  Then I insert the remaining rows from daily capture into the final data table. 
    Would it be possible to simplify this process by using an Instead Of trigger in the final table and just insert directly from the daily capture table?  How would this look?
    What is the best practice for inserting unique (new) rows and ignoring duplicate rows (rows that already exist in both the daily capture and final data tables) in my particular operation?
    Rich P

    Please follow basic Netiquette and post the DDL we need to answer this. Follow industry and ANSI/ISO standards in your data. You should follow ISO-11179 rules for naming data elements. You should follow ISO-8601 rules for displaying temporal data. We need
    to know the data types, keys and constraints on the table. Avoid dialect in favor of ANSI/ISO Standard SQL. And you need to read and download the PDF for: 
    https://www.simple-talk.com/books/sql-books/119-sql-code-smells/
    >> My final data table contains a two key columns unique key constraint. [unh? one two-column key or two one column keys? Sure wish you posted DDL] I insert data into this table from a daily capture table (which also contains the two columns that make
    up the key in the final data table but are not constrained (not unique) in the daily capture table). <<
    Then the "capture table" is not a table at all! Remember the fist day of your RDBMS class? A table has to have a key.  You need to fix this error. What ETL tool do you use? 
    >> I don't want to insert rows from daily capture which already exists in final data table (based on the two key columns). <<
    MERGE statement; Google it. And do not use temp tables. 
    --CELKO-- Books in Celko Series for Morgan-Kaufmann Publishing: Analytics and OLAP in SQL / Data and Databases: Concepts in Practice Data / Measurements and Standards in SQL SQL for Smarties / SQL Programming Style / SQL Puzzles and Answers / Thinking
    in Sets / Trees and Hierarchies in SQL

  • What is the best practice to display info of completed task in process flow

    Hi all,
    I'm starting to study BPM modeling with CE7.1 EHP1. Thanks to the tutorial and example on SDN site and I can easily build my own process in NWDS and deploy to server, start it, finish it.
    I like the new runtime which can show a BPMN diagram to the processors. However, I can't find a way to let the follow up processor to review the task result completed in previous step. I'm more familiar with Guided Procedure, and know there is "Display Callable Object" which can used to show some info of a completed task when the processor/owner/admin/overseer click on a completed task.  Where is the feature in BPM ? What is the best practice to show such task information in BPM environment.
    For example, A multiple level approval process, the higher level approver need to know the comment written by the previous approver. Can he read this information from process flow ?
    I think it is very important feature for a BPM platform. In Guided Procedure, such requirement can be done with Display Callable Object + View Permission, and you just need some coding for the UI. If BPM is superior to GP, I think there must be a way to achieve this, I just do not know how ?
    Can anyone shed me some light on it ?

    Oliver,
    Thanks for your quick reply.
    Yes, Notes and Attachment CAN BE USED for the purpose. But I'm still looking for a more elegant solution.
    With the solution of using Notes/Attachment, the processor need to give input at two places : the task UI and Note/Attach , with similar or same data. It is really annoying.
    Is there any SAP BPM real-world deployment ? None of customer has the requirement ?

  • What is the best practice for full browser video to achieve the highest quality?

    I'd like to get your thoughts on the best way to deliver full-browser (scale to the size of the browser window) video. I'm skilled in the creation of the content but learning to make the most out of Flash CS5 and would love to hear what you would suggest.
    Most of the tutorials I can find on full browser/scalable video are for earlier versions of Flash; what is the best practice today? Best resolution/format for the video?
    If there is an Adobe guide to this I'm happy to eat humble pie if someone can redirect me to it; I'm using CS5 Production Premium.
    I like the full screen video effect they have on the "Sounds of pertussis" web-site; this is exactly what I'm trying to create but I'm not sure what is the best way to approach it - any hints/tips you can offer would be great?
    Thanks in advance!

    Use the little squares over your video to mask the quality. Sounds of Pertussis is not full screen video, but rather full stage. Which is easier to work with since all the controls and other assets stay on screen. You set up your html file to allow full screen. Then bring in your video (netstream or flvPlayback component) and scale that to the full size of your stage  (since in this case it's basically the background) . I made a quickie demo here. (The video is from a cheapo SD consumer camera, so pretty poor quality to start.)
    In AS3 is would look something like
    import flash.display.Loader;
    import flash.net.URLRequest;
    import flash.display.Bitmap;
    import flash.display.BitmapData;
    import flash.ui.Mouse;
    import flash.events.Event;
    import flash.events.MouseEvent;
    import flash.display.StageDisplayState;
    stage.align = StageAlign.TOP_LEFT;
    stage.scaleMode = StageScaleMode.NO_SCALE;
    // determine current stage size
    var sw:int = int(stage.stageWidth);
    var sh:int = int(stage.stageHeight);
    // load video
    var nc:NetConnection = new NetConnection();
    nc.connect(null);
    var ns:NetStream = new NetStream(nc);
    var vid:Video = new Video(656, 480); // size off video
    this.addChildAt(vid, 0);
    vid.attachNetStream(ns);
    //path to your video_file
    ns.play("content/GS.f4v"); 
    var netClient:Object = new Object();
    ns.client = netClient;
    // add listener for resizing of the stage so we can scale our assets
    stage.addEventListener(Event.RESIZE, resizeHandler);
    stage.dispatchEvent(new Event(Event.RESIZE));
    function resizeHandler(e:Event = null):void
    // determine current stage size
        var sw:int = stage.stageWidth;
        var sh:int = stage.stageHeight;
    // scale video size depending on stage size
        vid.width = sw;
        vid.height = sh;
    // Don't scale video smaller than certain size
        if (vid.height < 480)
        vid.height = 480;
        if (vid.width < 656)
        vid.width = 656;
    // choose the smaller scale property (x or y) and match the other to it so the size is proportional;
        (vid.scaleX > vid.scaleY) ? vid.scaleY = vid.scaleX : vid.scaleX = vid.scaleY;
    // add event listener for full screen button
    fullScreenStage_mc.buttonMode = true;
    fullScreenStage_mc.mouseChildren = false;
    fullScreenStage_mc.addEventListener(MouseEvent.CLICK, goFullStage, false, 0, true);
    function goFullStage(event:MouseEvent):void
        //vid.fullScreenTakeOver = false; // keeps flvPlayer component from becoming full screen if you use it instead  
        if (stage.displayState == StageDisplayState.NORMAL)
            stage.displayState=StageDisplayState.FULL_SCREEN;
        else
            stage.displayState=StageDisplayState.NORMAL;

  • What is the Best practice for ceramic industry?

    Dear All;
    i would like to ask two questions:
    1- which manufacturing category (process or discrete) fit ceramic industry?
    2- what is the Best practice for ceramic industry?
    please note from the below link
    [https://websmp103.sap-ag.de/~form/sapnet?_FRAME=CONTAINER&_OBJECT=011000358700000409682008E ]
    i recognized that ceramic industry is under category called building material which in turn under mill product and mining
    but there is no best practices for building material or even mill product and only fabricated meta and mining best practices is available.
    thanks in advance

    Hi,
    I understand that you refer to production of ceramic tiles. The solution for PP was process, with these setps: raw materials preparation (glazes and frits), dry pressing (I don't know extrusion process), glazing, firing (single fire), sorting and packing. In Spain, usually are All-in-one solutions (R/3 o ECC solutions). Perhaps the production of decors have fast firing and additional processes.
    In my opinion, the curiosity is in batch determination in SD, that you must determine in sales order because builders want that the order will be homogeneus in tone and caliber, and he/she can split the order in diferents deliveries. You must think that batch is tone (diferents colours in firing and so on) and in caliber.
    I hope this helps you
    Regards,
    Eduardo

  • Database Log File becomes very big, What's the best practice to handle it?

    The log of my production Database is getting very big, and the harddisk is almost full, I am pretty new to SAP, but familiar with SQL Server, if anybody can give me advice on what's the best practice to handle this issue.
    Should I Shrink the Database?
    I know increase hard disk is need for long term .
    Thanks in advance.

    Hi Finke,
    Usually the log file fills up and grow huge, due to not having regular transaction log backups. If you database is in FULL recovery mode, every transaction is logged in Transaction file, and it gets cleared when you take a log backup. If it is a production system and if you don't have regular transaction log backups, the problem is just sitting there to explode, when you need a point in time restore. Please check you backup/restore strategy.
    Follow these steps to get transactional file back in normal shape:
    1.) Take a transactional backup.
    2.) shrink log file. ( DBCC shrinkfile('logfilename',10240)
          The above command will shrink the file to 10 GB.(recommended size for high transactional systems)
    >
    Finke Xie wrote:
    > Should I Shrink the Database? .
    "NEVER SHRINK DATA FILES", shrink only log file
    3.) Schedule log backups every 15 minutes.
    Thanks
    Mush

  • What is the best way to protect my macbook on the internet

    what is the best way to protect my macbook on the internet, using mobile broadband?

    against what ? malware ?
    on Macs, all that's needed is common sense.
    Mac Virus/Malware Info

  • What is the best way to protect my new Macbook Pro?

    I finally have a shinny new 13" Macbook Pro Rentina and I'm wondering what is the best way to protect it? I am considering either a hard case or a sleeve but which one is the best? This thing is worth more than my car and I can't afford for anything to happen to it! Hard case? Sleeve? Both?

    Congratulations on your MBPR! I had the exact same question when I bought mine. I ended up using a hard case and a sleeve. For the case I went with the Kuzy Hard Case and an Incase Deluxe Sleeve. Using a sleeve and case is great and I feel like my Macbook is very well protected and I am no longer scared of breaking it with this setup! Best of luck!

  • What is the best way to protect my macbook pro? should I install mackeeper? Thank you :)

    what is the best way to protect my macbook pro? should I install mackeeper? Thank you

    MacKeeper is malware that charges a fee. Do not install it under any circumstances.
    Keep your software up-to-date with Software Update.
    Don't click on links in emails, retype the URLs to be sure you know where it is sending you.
    Don't download a "codec" or program to view content on a website from the same site -- standard viewers should come from the codec developer's site, not the content site.
    Don't fall for requests from your bank or PayPal to verify your information -- they don't do it that way.
    Download Flash only from:
    http://get.adobe.com/flashplayer/
    You did NOT win any contests you did not enter, and you are not the 10,000th vistitor to any site.

Maybe you are looking for

  • Print button on tablet.

    Ive created a simple list app for the iPad using flash builder 4.6.  Is there a way to print the list that are created?

  • Error in installing ORABPEL instance

    Hi, I am trying to create ORABPEL instance on Oracle Database XE using IRCA.BAT file but I am getting following Java error: C:\>MANAV_CHOPRA\Softwares_download\soa_windows_x86_101310_disk1\install\soa_sch emas\irca\irca.bat orabpel "localhost 1521 XE

  • Calculating a percentage of change from one day to the other

    I'm working on a report that is grouped by date. What I'm trying to is calculate the difference between one day to the next. But when I try to do the formula it's thinks it's calculating against itself... Group by Date: 9/1 = $100                    

  • Removing the face identification squares?

    I ran the facial recognition software on all my photos, not realizing the several thousand faces that would be identified, and then subsequently gone through and labeled. I would like to remove all the "face squares" from the photos, but as can be se

  • Nike+ and moving to new iTunes installation

    I'm installing iTunes on a new computer and want to make sure I don't lose any Nike+ info if I don't have to. Is there a correct way to do this so that I get to keep all my run data from my old machine?