So been going through various ColdFusion lock down tweeks, restrictions etc. and have a couple of useful links. First up is the Unofficial Updater. What it’ll do is download the latest, relevant patches for your CF install and get them all in place. It saves a huge amount of time versus trying to do it yourself.

Second up is something off the back of the lock down guide relating to GraphData.cfm. It’s not a real path, it’s something that CF sorts out itself. If you choose to move CFIDE or restrict the path in the webserver this can cause issues. Either you leave it open, or, you can change the path it uses. Credit to Brandon for the following tweaks to move it about:

<strong>Below changes cfchart engine to generate the image path based on this config.</strong>
/CFIDE/GraphData.cfm ==> /images/GraphData.cfm
{cfmx-root}/wwwroot/WEB-INF/web.xml servlet mapping
<strong>When a request is handled to /images/Graphdata.cfm the GraphServlet will be
invoked to find and serve the charts.</strong>
/CFIDE/GraphData.cfm ==> /images/GraphData.cfm

Note It looks like the site isn’t a thing anymore. Not sure if there’s a replacement but as 9.0.2 is very old, I doubt it.