The Left Side of Normal Airplanes, The Internet, and Everything Else

Pete Freitag, of HackMyCF fame, has written an informative guide on securing Adobe ColdFusion Server.  The guide is available from Adobe.  It covers how to lock down the ColdFusion Server installation and limit the attack surface that the server software itself presents.  It also talks about how to lock down the administrator so that it is only available to those who need access.  The guide makes great suggestions for those who run production ColdFusion servers that want to minimize their attack surface.  The guide also discusses how to remove functionality you're not using from the server, makes suggestions for various ColdFusion administrator settings and their impacts, as well as some suggestions for developers to improve the security of their code.  Overall, a nice guide for anyone who administers a ColdFusion server.