There are several threads on securing the CFIDE. The best I have found involves to steps: 1) Keep up to date with the latest CF patches. 2) Break the current CFIDE virtual directory, replace it with one that points to an empty directory, then create a "scripts" one under that that points back to the original cfide/scripts directory. Most of the vulnerabilities revolve around other CFIDE modules not within the scripts branch and this will prevent probably 99% of them. Someday maybe Adobe will incorporate this into the standard distribution, but I'm not holding my breath.
↧