Hello Anit,
thanks for your response.
I made all the things you advise:
- Block /CFIDE/ requests
- Block access to cf administrator to external ip
- use different users for iis and coldfusion service
- updated coldfusion with last hotfix
for 2 monthswe have not receivedmoreattacks of thiskind, butthis morning someone managed toretry theupload.
Do you have anyother advicefor us?
You're right thatthetmp filesare not dangerous,but the factthat someone mightwritefileson the server isone thing thatdoes not make mefeel comfortable
Thanks, R
