This area is where we can secure and sandbox code in ColdFusion based on the location of the requested template. This feature is used to restrict applications from operating outside of their predefined space (sandbox). It is common to have several applications using the same server in large organizations or in a multi-host scenario. Sandboxing can be the best way to secure each project’s code base.

We recommend that ColdFusion Sandbox Security be enabled and that sensitive tags such as <cfexecute> and <cfregistry> be disabled by default. Sandbox Security is not enabled by default.

Tip: Be sure to review our ColdFusion security recommendations to help secure your server.

ColdFusion Administrator Sandbox Security.

Next, we will disable two tags to prevent their use: <cfexecute> and <cfregistry>. It is a best practice to disable every tag that is not used within a sandbox directory. We recommend searching each sandbox's codebase and disabling any tags or functions it does not need.
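One way to carry out the codebase search recommended above, as an added example that is not part of the original guide: a Python script that inventories the CFML tags a sandbox directory uses and reports whether <cfexecute> or <cfregistry> is still referenced before you disable it. The file names and contents are constructed samples, and matching script-style calls such as cfexecute(...) is an assumption about how the code base invokes these tags.

```python
import re
import tempfile
from collections import Counter
from pathlib import Path

SENSITIVE_TAGS = {"cfexecute", "cfregistry"}   # the two tags the page disables
CFML_SUFFIXES = {".cfm", ".cfml", ".cfc"}
# Tag syntax (<cfexecute ...>) plus script-style calls (assumed form: cfexecute(...)).
TAG_RE = re.compile(r"<(cf[a-z0-9_]+)\b|\b(cfexecute|cfregistry)\s*\(", re.I)
COMMENT_RE = re.compile(r"<!---.*?--->", re.S)  # CFML comments; nesting not handled

def scan_sandbox(root):
    """Map each CFML tag used under root to a Counter of {relative file: hits}."""
    root, usage = Path(root), {}
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix.lower() not in CFML_SUFFIXES:
            continue
        text = COMMENT_RE.sub("", path.read_text(encoding="utf-8", errors="replace"))
        for m in TAG_RE.finditer(text):
            tag = (m.group(1) or m.group(2)).lower()
            usage.setdefault(tag, Counter())[path.relative_to(root).as_posix()] += 1
    return usage

def sensitive_in_use(usage):
    """Sensitive tags the sandbox's code still references, with their locations."""
    return {t: dict(usage[t]) for t in sorted(SENSITIVE_TAGS) if t in usage}

# Constructed sample sandbox (hypothetical file names and contents).
SAMPLE = {
    "index.cfm": '<cfquery name="q" datasource="app_ds">SELECT 1</cfquery>\n'
                 "<cfoutput>#q.recordCount#</cfoutput>\n"
                 '<!--- <cfregistry action="get"> (commented out) --->\n',
    "admin/report.cfm": '<cfexecute name="report_tool" timeout="5"></cfexecute>\n',
    "lib/Job.cfc": 'component { function run() { cfexecute(name="report_tool"); } }\n',
    "notes.txt": "<cfregistry> mentioned in docs only\n",
}

def demo():
    """Write SAMPLE to a temporary directory and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        for rel, body in SAMPLE.items():
            target = Path(tmp, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body, encoding="utf-8")
        return scan_sandbox(tmp)

if __name__ == "__main__":
    print("sensitive tags still referenced:", sensitive_in_use(demo()))
```

For a real sandbox, call scan_sandbox() on the sandbox's directory. Any tag missing from the result is a candidate for disabling in that sandbox, and any sensitive tag that does appear points to the files to review first.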

In addition, it is recommended that you restrict each sandbox to only the data sources required.

ColdFusion Administrator User
