Erick Lee
Product Security Team

Created:
3 November 2005
User Level:
Intermediate
Products:
Coldfusion

Configuring ColdFusion MX 7 Server Security

This article lists recommendations and best practices for securing web servers running Microsoft Windows Server 2003 and Macromedia ColdFusion MX 7. It is not a comprehensive host-hardening guide for Windows Server 2003. Instead, it describes a set of security-hardening settings that you should apply to ColdFusion MX 7 running on IIS 6.0 servers that host HTML content within a corporate intranet. Hardening alone does not keep a ColdFusion application server secure over time; you should also implement security monitoring, detection, and incident response procedures.

I wrote this article primarily for consultants, security specialists, systems architects, and IT professionals who are responsible for planning the development and deployment of applications or infrastructure based on ColdFusion MX 7 running on IIS 6.0. These roles include the following common job descriptions:

  • IT and Operations engineers who must deploy secure web applications and servers in customers' organizations, or their own
  • Architects and planners who are responsible for the architectural efforts for clients within their organizations
  • IT security specialists who focus on providing security across the platforms within their organizations
  • Consultants from Macromedia and partners who need detailed resources of relevant, useful information for customers and partners

Requirements

To read this article from a conceptual point of view, you do not need to download and install ColdFusion MX 7. However, to implement the recommended security settings while reading along, you must download and install ColdFusion MX 7.

  • ColdFusion MX 7

About the author

Erick Lee has over a decade of information technology experience. His focus at Macromedia is on product security. Prior to joining Macromedia, he worked as a security consultant for @stake, where he focused on application and network security by assessing cryptographic systems, source code, network protocols, and infrastructure security. Before that he was the principal owner of the IT firm Kinetisys, where he designed and built web applications for legal and service industry clients. He was also a member of the R&D team for eSecurityOnline, formerly a branch of Ernst & Young, where he researched vulnerabilities, wrote security policy (ISO 17799, HIPAA, etc.), and assembled host-hardening guidelines for over 51 platforms and technologies.