- Open CF administrator
- Select "Debugging Ips"
- Add 127.0.0.1
- Remove all other IPs
Current projects, notes, tips and general musings on application development and systems administration from Banshee Tech
Thursday, 28 May 2009
PCI Compliance - ColdFusion Debug Information
It should be blocked anyway but it is a common problem when undergoing PCI Compliance that ColdFusion debug information may be displayed by appending mode=debug to any CF URL. To prevent this limit the IPs that can access the debug information, preferably limit this to 127.0.0.1:
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment