Security is especially important in web-based applications, such as those you develop in ColdFusion. ColdFusion developers and administrators must fully understand the security risks that could affect their development and runtime environments so they can enable and restrict access appropriately.
You can implement development security by requiring a password to use the ColdFusion Administrator and a password for Remote Development Services (RDS), which allows developers to develop CFML pages remotely. You implement runtime security in your CFML pages and in the ColdFusion Administrator. ColdFusion has the following runtime security categories:
The Security area in the Administrator lets you do the following tasks: