Security section

The Security section of the Administrator lets you configure the security frameworks of ColdFusion MX.

For more information on security, see Chapter 4, "Administering Security".

CF Admin Password page

You use the CF Admin Password page of the Administrator to enable and disable password-restricted access to the Administrator, and to change the Administrator password.

RDS Password page

You use the RDS Password page to enable and disable password-restricted access to server resources from Dreamweaver MX or ColdFusion Studio using Remote Development Services (RDS), and to change the password.

Sandbox Security page

The Sandbox Security page has two areas-Enable ColdFusion Security and Sandbox Settings.

Enable ColdFusion Security Settings area

Use this area to enable ColdFusion security. Once enabled, you can secure ColdFusion in the following ways:

Administrative access Protects access to Administrator pages with a password.
Application development Protects access to data sources and files with passwords and blocks access to some sensitive ColdFusion tags.
Application deployment Prevents applications from executing several ColdFusion tags that could be used to update, delete, or manipulate server files.

Sandbox Settings area

Sandbox security uses the location of your ColdFusion pages to determine functionality. A sandbox is a designated area (files or directories) of your site to which you apply security restrictions. By default, a subdirectory (or child directory) inherits the sandbox settings of the directory one level above it (the parent directory). If you define sandbox settings for a subdirectory, you override the sandbox settings inherited from the parent directory.

Use sandbox security to control access to:

Data sources
Tags
Functions
Files and directories
IP ports