MACROMEDIA COLDFUSION 5 - INSTALING AND CONFIGURING SERVER Informações Técnicas descarregar pdf (Página 52)

Adobe documentation - Confidential

Setting

Default

Recommendation

Description

Watch configuration

files for changes

(check every N

seconds)

Unchecked

If your configuration requires this

setting to be enabled (if using

WebSphere ND vertical cluster for

example), increase the time to be as

large as possible.

If an attacker is able to modify the

configuration of your ColdFusion

server, their changes can become

active within a short period of time

when this setting is enabled.

Enable Global Script

Protection

Unchecked

Understand

limitations,

Checked

This setting provides very limited

protection against certain Cross Site

Scripting attack vectors. It is

important to understand that

enabling this setting does not

protect your site from all possible

Cross Site Scripting attacks.

When this setting is turned on it

uses a regular expression defined in

the file neo-security.xml to replace

input variables containing following

tags: object, embed, script, applet,

meta with InvalidTag. This setting

does not restrict any JavaScript

strings that may be injected and

executed, iframe tags, or any XSS

obfuscation techniques.

Disable creation of

unnamed

applications

Unchecked

Checked

Applications should have a name so

they can be isolated from each

other.

Allow adding

application variables

to Servlet Context

Unchecked

Keep unchecked to improve

application isolation.

Adobe documentation - Confidential

1 2 ... 47 48 49 50 51 52 53 54 55 56 57 ... 76 77

Comentários a estes Manuais

Sem comentários

MACROMEDIA COLDFUSION 5 - INSTALING AND CONFIGURING SERVER Informações Técnicas Página 52

Comentários a estes Manuais

Manuais e produtos relacionados com Servidores MACROMEDIA COLDFUSION 5 - INSTALING AND CONFIGURING SERVER