I was reading through the Lucee Lockdown guide for Apache and Lucee. I locked down the admin fine by using the following Location directive.

<Location /lucee>
  Order Deny,Allow
  Deny from all
  Allow from 999.999.999.999 888.888.888
</Location>

This allows the IP address 999.999.999.999, and IP addresses that start with 888.888.888, to access the admin. You can add any number of IP and partial IP addresses to this line, separated by spaces. Unfortunately, it breaks the graphs that CFCHART generates. To fix this, add the following Location directive after the one above.

<Location /lucee/graph.cfm>
  Order Allow,Deny
  Allow from All
</Location>

This enables the graphs while still locking down the admin, and the same approach can be applied to anything else in the folder.
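
The same two rules in Apache 2.4 syntax, as an added example that is not part of the original post: Order/Allow/Deny are the Apache 2.2 directives and on 2.4 they only work through mod_access_compat. The addresses 192.0.2.10 and 198.51.100 are constructed placeholders.

```apache
# Added example: Apache 2.4 (mod_authz_core / mod_authz_host) form of the
# two Location blocks above. 192.0.2.10 and 198.51.100 are constructed
# placeholders; substitute your own admin address and address prefix.

# Deny the Lucee admin and everything else under /lucee, except for the
# trusted addresses listed here.
<Location /lucee>
  # One full address and one partial address (matches 198.51.100.*),
  # separated by a space, as in the "Allow from" line.
  Require ip 192.0.2.10 198.51.100
</Location>

# Must come after the block above: Location sections are merged in the
# order they appear, so this later section overrides the restriction
# for this one path only.
<Location /lucee/graph.cfm>
  # graph.cfm serves the images CFCHART generates, so it stays open.
  Require all granted
</Location>
```

Avoid mixing Require with Order/Allow/Deny in the same configuration, and run `apachectl configtest` before reloading.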
