The settings provided here focus on securing the ColdFusion Administrator application to prevent unauthorized access. We recommend some changes from the default settings.

Enable Separate user name and password authentication (allows multiple users). This allows more granular control of what certain users can access within the ColdFusion Administrator. Use a separate username for each person that will have access to this system (see User Manager).

Provide a random string for Password Seed. We recommend using a password generation tool to create a long (200+ character) string. ColdFusion will use this string to create the encryption key which is used for a variety of security services.

Disable Allow concurrent login sessions for ColdFusion Administrator. This prevents the same user account from being used to login to the ColdFusion Administrator concurrently.

Tip: Be sure to review our ColdFusion security recommendations to help secure your server.

ColdFusion Administrator Security