Mapping CFIDE is a security risk
Uncategorized | (3)
I've been playing a little with the <cfcalendar> tag in an app I'm working on. It seems that for the Flash to be usable, you need a /CFIDE mapping on your server. Which is all well and good, except that on a production-level server, you're a certifiable nutjob if you have a live /CFIDE, as it opens up access to the CF Administrator. If you need access to the CF Administrator, and therefore to /CFIDE, it should be on a separate virtual server which:
responds on a different, preferably non-routable, IP address
is mapped on a non-standard TCP port
is ...
