It is possible to restrict access to the ColdFusion Administrator, services, and internal directories by IP address. We recommend whitelisting only the IP addresses or subnets that require access to these systems. At a minimum, restrict access to your localhost in IPV4 and IPv6 as shown here.

Tip: High-security installations should not solely rely on IP restriction via this tool. As IP addresses can be spoofed, we recommend blocking access at the network edge via a properly configured firewall or similar device.

If access is restricted by IP address, authentication to those services will also require a username/password.

Tip: Be sure to review our ColdFusion security recommendations to help secure your server.

ColdFusion Administrator IP Addresses