Administrator settings affected by enabling Secure Profile

 

Administrator Settings

Path

Default Admin Profile

Secure Profile

Changes to the setting post migration to ColdFusion 10

1

Use UUID for cftoken

Server Settings > Settings

Enabled

Enabled

Overwritten

2

Disable access to internal ColdFusion Java components

Server Settings > Settings

Disabled

Enabled

Overwritten

3

Enable Global Script Protection

Server Settings > Settings

Enabled

Enabled

Overwritten

4

Maximum size of post data

Server Settings > Settings

20MB

20MB

Overwritten

5

Missing Template Handler

Server Settings > Settings

No Value

Custom missing error template

Retained if specified

6

Site-wide Error Handler

Server Settings > Settings

No Value

Custom site-wide error template

Retained if specified

7

Request Queue Timeout Page

Server Settings > Request Tuning

No value

Custom error template

Retained if specified

8

Cookie Timeout

Server Settings > Memory Variables

15767000 minute

1440 minute

N/A

9

Disabling updating of ColdFusion internal cookies using ColdFusion tags/functions

Server Settings > Memory Variables

Disabled

Enabled

N/A

10

Enable WebSocket Server

Server Settings > WebSocket

Enabled

Disabled

N/A

11

Start Flash Policy Server

Server Settings > WebSocket

Enabled

Disabled

N/A

12

Allowed SQL (all settings)

Data & Services > Data Sources > [database] > Advanced Settings

Enabled.

Create, Drop, Alter, Grant, Revoke, Stored Procedures are disabled

Retained if specified

13

Enable Robust Exception Information

Debugging & Logging > Debug Output Settings

Disabled

Disabled

Overwritten

14

Enable CFSTAT

Debugging & Logging > Debug Output Settings

Enabled.

Disabled

Overwritten

15

Select the type of Administrator authentication

Security > Administrator

Use a single password only

Separate user name and password authentication (allows multiple users)

N/A

16

Enable RDS Service

Security > RDS

Configurable at install time

Disabled

N/A

17

Select the type of RDS authentication

Security > RDS

Use a single password only

Separate user name and password authentication (allows multiple users)

N/A

18

Enable ColdFusion Sandbox Security

Security > Sandbox Security

Disabled

Disabled

Overwritten

19

Allowed IP addresses for ColdFusion Administrator access

Security > Allowed IP Addresses

Not available at install time

Available at install time

N/A

Note: Secure Profile disables Directory Browsing for a stand alone ColdFusion installation with built-in web server.