Adobe ColdFusion Security Best Practices (Server Auto-Lockdown)

  1. What is Server Auto-Lockdown?
  2. How does Server Auto-Lockdown keep your app secure?
  3. How to get the most out of Server Auto-Lockdown.

What is Server Auto-Lockdown?

How does Auto-Lockdown work?

How to get the most out of Server Auto-Lockdown

  1. Set it up right out of the box. Make it one of the first tools you run through as soon as you install ColdFusion.
  2. Follow Pete Freitag’s guide to Server Auto-Lockdown from the first to last page, making yourself and your team familiar with the process. These free PDF downloads walk you through the process, step-by-step, and are written by one of the preeminent ColdFusion security experts. Many developers don’t even know these guides exist, and hackers hope you never find them.
  3. Keep the manual lockdown process handy as well. Using both at the same time will increase the odds your server stays safe. You can’t be too pedantic when it comes to security.
  • Use proactive measures like routinely scanning for security flaws with Security Code Analyzer or . These tools dig up many of the same security lapses that hackers exploit. You want to find them before the hackers do.
  • Set limits on database access — the fewer people allowed into your server, the lower the odds of a hack. You’ll want to leave access for whoever is tasked with running the lockdown. This is often one of your most dependable and least-absent developers, or yourself.
  • Make sure your developers write secure code. Duh. This makes your app and servers less vulnerable to hacks and SQL injections which can lead to datanapping and ransom requests, among other hacker tricks.
  • Use a web application firewall (WAF) as the first line of defense. ( works well).

ColdFusion development, security and optimization. CEO at TeraTech. Host of CF Alive podcast.

Michaela Light
