Adobe ColdFusion Security Best Practices (Server Auto-Lockdown)

  1. What is Server Auto-Lockdown?
  2. How does Server Auto-Lockdown keep your app secure?
  3. How to get the most out of Server Auto-Lockdown.

What is Server Auto-Lockdown?

How does Auto-Lockdown work?

How to get the most out of Server Auto-Lockdown

  1. Set it up right out of the box. Make it one of the first tools you run through as soon as you install ColdFusion.
  2. Follow Pete Freitag’s guides to Server Auto-Lockdown from the first to last page, making yourself and your team familiar with the process. These free PDF downloads walk you through the process, step-by-step, and are written by one of the preeminent ColdFusion security experts. Many developers don’t even know these guides exist — and hackers hope you never find them.
  3. Keep the manual lockdown process handy as well. Using both at the same time will increase the odds your server stays safe. You can’t be too pedantic when it comes to security.
  • Use proactive measures like routinely scanning for security flaws with Security Code Analyzer or . These tools dig up many of the same security lapses that hackers exploit. You want to find them before the hackers do.
  • Set limits on database access — the fewer people allowed into your server, the lower the odds of a hack. You’ll want to leave access for whoever is tasked with running the lockdown. This is often one of your most dependable and least-absent developers, or yourself.
  • Make sure your developers write secure code. Duh. This makes your app and servers less vulnerable to hacks and SQL injections which can lead to datanapping and ransom requests, among other hacker tricks.
  • Use a web application firewall (WAF) as the first line of defense. ( works well).
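
An added example, not part of the original article and not a description of how Adobe's Security Code Analyzer works: a small Python heuristic for the "scan routinely" and "write secure code" items above. It flags `#variable#` interpolation inside `<cfquery>` bodies that is not bound through `<cfqueryparam>`. The function name and the sample CFML are constructed for illustration.

```python
import re

# A whole <cfquery ...> ... </cfquery> block; \b keeps <cfqueryparam> from matching.
CFQUERY_RE = re.compile(r"<cfquery\b[^>]*>(.*?)</cfquery>", re.I | re.S)
# <cfqueryparam ...> binds its value as a parameter, so it is not a finding.
CFQUERYPARAM_RE = re.compile(r"<cfqueryparam\b[^>]*>", re.I)
# CFML comments are ignored.
COMMENT_RE = re.compile(r"<!---.*?--->", re.S)
# A #expression# left in the SQL text is concatenated into the statement.
HASH_EXPR_RE = re.compile(r"#([^#\r\n]+)#")


def _blank(match):
    """Replace matched text with spaces, keeping newlines so offsets stay valid."""
    return re.sub(r"[^\n]", " ", match.group(0))


def find_unparameterized(cfml):
    """Return (line_number, expression) for each #expr# in a cfquery body
    that is not wrapped in <cfqueryparam>."""
    findings = []
    cfml = COMMENT_RE.sub(_blank, cfml)
    for query in CFQUERY_RE.finditer(cfml):
        body = CFQUERYPARAM_RE.sub(_blank, query.group(1))
        body = body.replace("##", "  ")  # '##' is an escaped literal hash
        for expr in HASH_EXPR_RE.finditer(body):
            offset = query.start(1) + expr.start()
            line = cfml.count("\n", 0, offset) + 1
            findings.append((line, expr.group(1).strip()))
    return findings


# Constructed sample: the first query interpolates url.id, the second binds it.
SAMPLE = '''<cfquery name="getUser" datasource="#application.dsn#">
  SELECT id, email FROM users
  WHERE id = #url.id#
</cfquery>
<cfquery name="getUserSafe" datasource="#application.dsn#">
  SELECT id, email FROM users
  WHERE id = <cfqueryparam value="#url.id#" cfsqltype="cf_sql_integer">
</cfquery>
'''

if __name__ == "__main__":
    for line, expr in find_unparameterized(SAMPLE):
        print(f"line {line}: #{expr}# is interpolated into SQL without cfqueryparam")
```

This is a triage heuristic: every finding needs review, since some interpolations (a trusted table name, for instance) cannot be expressed as bound parameters and have to be validated another way.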


ColdFusion development, security and optimization. CEO at TeraTech. Host of CF Alive podcast.

Michaela Light
