|
Mailing Lists
|
Home /
Groups /
ColdFusion Talk (CF-Talk)
Securing Railo
So, I got Railo Beta 4 up and running on IIS 7.5 today. It was just asMichael David 08/23/12 06:08 P You can use url rewrite to restrict access, or install helicon ape and useRuss Michaels 08/23/12 06:20 P > For Railo, should I similarly restrict the railo-context directory?Dave Watts 08/23/12 06:23 P So, I got Railo Beta 4 up and running on IIS 7.5 today. It was just as easy as I had hoped. Now, what do I need to do to secure Railo? For example on my CF installs, I do not allow access to /CFIDE from the web. I administrate CF from IPs only. For Railo, should I similarly restrict the railo-context directory? What About the WEB-INF directory? -- Cheers! Michael David You can use url rewrite to restrict access, or install helicon ape and use the .htaccess files already there. Regards Russ Michaels On Aug 23, 2012 11:08 PM, "Michael David" <lists@michaeldavid.com> wrote: ----- Excess quoted text cut - see Original Post for more ----- > For Railo, should I similarly restrict the railo-context directory? > What About the WEB-INF directory? I don't know much about Railo specifically, but in general, J2EE web applications block access to /WEB-INF by default, so I doubt you have to do anything with that. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, or onsite.
|
May 18, 2013
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
