我的书签
添加书签
移除书签Configuring ColdFusion Express Server
This section covers basic ColdFusion administration.
Contents
-
The ColdFusion Administrator 132
-
Starting and Stopping ColdFusion 133
-
The Settings Page 134
-
Configuring Administrator Security 135
-
Mapping Directories 136
-
The ColdFusion Logging Page 136
-
ColdFusion Administrator Debugging Options 138
-
Monitoring ColdFusion Performance 139
The ColdFusion Administrator
You use the Administrator to perform a variety of administrative tasks for the ColdFusion Server, such as adding and configuring a data source and configuring security settings. During the ColdFusion installation process, you specify an Administrator password that is used to prevent unauthorized access to the Administrator pages.
To open the ColdFusion Administrator:
-
Select Start > Programs > ColdFusion Express >ColdFusion
Express Administrator or
-
Open the administrator by loading the following URL:
http://hostname/CFIDE/administrator/index.cfm
Where hostname is the name of the server hosting ColdFusion.
Accessing the Administrator remotely
To access ColdFusion Administrator pages remotely, you load the following URL:
http://hostname/CFIDE/administrator/index.cfm
where hostname is the name of the system on which ColdFusion is installed. If you are using ColdFusion Administrator security, you will be prompted to enter a password. If your Web server is providing security, access to the Administrator pages is governed by the permissions defined in your Web server.
Once the Administrator page loads, click one of the Administrator links to work with a specific area of the Administrator.
| ColdFusion Administrator Options | |
|---|---|
| Category | Description |
| Settings |
Includes options for tuning server performance. |
| ODBC Sources | Use to configure ColdFusion data sources, including:
See Chapter 14, “Managing Data Sources,” on page 141, for information about ODBC Sources. |
| Basic Security | Configuring Administrator passwords and security options |
| Mapping |
Mapping directories |
| ColdFusion Administrator Options (Continued) | |
|---|---|
| Category | Description |
| Logging | You use the Logging pages to configure a ColdFusion Administrator email address, and to:
|
| Debugging | The debugging page allows you to enable and configure error message output for ColdFusion pages. |
| Advanced Features | This page provides information about upgrading to ColdFusion Server Enterprise and ColdFusion Server Professional. |
Starting and Stopping ColdFusion
Generally speaking, you should always stop and restart ColdFusion Server after making any changes that affect a data source, connection parameter such as caching, thread count, and so on. Specifically, you stop and restart ColdFusion services after making any of the following changes in the Administrator:
-
After changing any server settings on the Server Settings page.
-
Enabling the performance monitoring options in the ColdFusion
Administrator. This feature allows you to use the native Windows NT performance monitor to track ColdFusion performance-related data. For more information, see “Monitoring ColdFusion Performance” on page 139.
-
Changing the user account under which ColdFusion runs.
-
Changing an existing data source setting, such as Page timeout,
Buffer size, or Maintaining database connections.
Using batch files to start and stop ColdFusion (Windows)
You can use batch files in Windows NT to stop and restart ColdFusion services. The Windows NT NET START and NET STOP commands can be used in batch files to start and stop ColdFusion services, as in the following excerpt:
NET STOP "Cold Fusion Application Server" NET START "Cold Fusion Application Server"
Batch files, as well as other executables, can be scheduled in Windows NT. Refer to your Windows NT documentation for more information about scheduling, and stopping and starting NT services.
Note You must be logged in with Administrator rights to execute these batch commands.
The Settings Page
The Administrator Server Settings page contains several configuration options you can set or enable to manage ColdFusion Server. Many of these options can significantly affect server performance. Use the following table to find out about options on the Server Settings Administrator page.
| Server Settings Options | |
|---|---|
| Option | Description |
| Limit simultaneous requests | Use this value to limit the number of simultaneous requests for ColdFusion Server. Once ColdFusion reaches this limit, requests are queued up and handled in the order received. |
| Timeout requests | Set a value to limit the amount of time ColdFusion waits before terminating a request. |
| Restart unresponsive server | This option allows you to restart the ColdFusion Server service (daemon) in the event some ColdFusion component does not respond within the specified amount of time. |
| Enforce strict attribute validation | Enables strict attribute validation rules. ColdFusion tag attributes that are not relevant to the execution of a tag will not be allowed. When disabled, irrelevant attributes may be passed to CFML tags without effect. Strict attribute validation improves template execution time and can help prevent many CFML coding errors. |
| Template cache size | Use this option to specify how much memory you want to reserve for caching ColdFusion pages. For best performance, assuming your server has enough memory, you should set this value to the total number of kilobytes of all your active ColdFusion pages. |
| Trusted cache | Allows ColdFusion to use cached application pages (templates) without first checking to see if they’ve been changed. |
| Limit database connection inactive time | Use this option to limit the amount of time ColdFusion allows a cached database connection to remain inactive. This option is ignored if the option to maintain database connections has not been enabled for an individual data source. |
| Limit maximum number of cached queries | Limits the maximum number of cached queries that the server will maintain. Cached queries allow for retrieval of result sets from memory rather than through a database transaction. The maximum number of cached queries allowed at any given time is 100. When this value is reached, the oldest query is dropped from the cache and replaced with the specified query. |
When changing values on this page, be sure to stop and restart ColdFusion for these options to take affect.
Configuring Administrator Security
ColdFusion Express Server offers one level of security: Basic security. Basic security allows you to secure the ColdFusion Administrator with a password.
To access Basic security settings in the ColdFusion Administrator, open the Server, Basic Security page.
If you upgrade to ColdFusion Professional or Enterprise edition, ColdFusion also offers Advanced security. Advanced security allows you to exercise a high degree of control over a wide range of ColdFusion resources, including CFML tags (as well as individual tag ACTION types), specific SQL operations, as well as other ColdFusion resources.
Installation defaults
The ColdFusion Administrator installs with secure access enabled. The password you enter as part of the setup is saved as the default, so that when you open the Administrator for the first time, you are prompted to enter the password. We recommend that you continue to use Administrator security until you complete the ColdFusion server configuration.
Disabling Administrator security
You can disable Basic security for the ColdFusion Administrator on the Server, Basic Security page. Once you’ve disabled this option, anyone can open the Administrator pages and make changes to ColdFusion Server settings.
Securing data sources
You can take the following measures to secure the data sources that you intend to use with ColdFusion Express:
-
Use a database system that supports security and create a user
account that has access to only selected tables and operations (such as, SELECT, INSERT). You can then configure ColdFusion to use that account when interacting with the data source.
-
Select the ColdFusion Settings button from the ColdFusion ODBC page
to allow only certain SQL operations (such as SELECT and INSERT) in interactions with the data source.
Basic Security limitations
ColdFusion Basic security hinges on the protection of a single password per server. As long as the password is kept secret, unauthorized access to the Administrator and
databases on the server is impossible. It’s important to understand that this security model has two liabilities:
-
Password vulnerability. The password can be lost, stolen, or hacked.
-
Access control is generalized, that is, remote developers have
access either to all data sources, or none. With Basic security, you can’t protect individual directories and/or databases as you can with ColdFusion Enterprise and ColdFusion Professional.
Mapping Directories
The Mappings page in the ColdFusion Administrator allows you to create logical aliases for physical directories on your server. Mapping directories is only necessary if you want to use ColdFusion with CGI or if you want to use absolute references to ColdFusion pages with the CFINCLUDE tag.
The Web server APIs supported by ColdFusion (NSAPI, ISAPI, and Apache API) perform document type mapping, which makes directory mapping in ColdFusion unnecessary. When a browser loads a file with the .cfm extension, the Web server recognizes that file type as a ColdFusion application page.
The ColdFusion Logging Page
ColdFusion generates log files you can use to help monitor ColdFusion server activity as well as activity in your ColdFusion applications. ColdFusion generates several different log files, most of which are written to \Cfusion\Log on Windows. All log files are written in comma delimited format.
In addition to logging options, the Logging page contains a few other administrative options.
Log directory
The default location for ColdFusion log files in Windows is cfusion\log. You can specify a new location for ColdFusion log files by entering a new value in the Log Directory list box.
Log slow pages
ColdFusion allows you to track pages in your applications that take longer than a specified length of time to process. You can specify the amount of time ColdFusion allows before writing an entry to the server.log file.
Log files created by ColdFusion
ColdFusion creates nine different log files.
| ColdFusion Log Files | |
|---|---|
| Log Filename | Description |
| exec.log | Logs problems with the ColdFusion Server service. If the ColdFusion service hangs or if the service was unable to access the system registry, that information is written to cfexec.log. |
| rdseservice.log | Logs errors occurring in the ColdFusion RDS service, which provides file, debugging, directory, and database browsing services for ColdFusion Studio. |
| application.log | Logs every ColdFusion error reported back to a user. All application page errors, including ColdFusion syntax errors, ODBC errors, and SQL errors, are written to this log file. Every error message that is displayed on a user’s browser is logged here, along with the visitor’s IP address and browser information, if possible. |
| webserver.log | Logs errors occurring in the Web server and the ColdFusion stub. |
| schedule.log | Logs scheduled events that have been submitted for execution. Indicates whether the task submission was initiated and if it succeeded. Provides the scheduled page URL, the date and time executed, and a task ID. |
| server.log | Logs errors that occurred in the communication between ColdFusion and your Web server. This file is meant primarily to help Allaire Technical Support personnel. |
| customtag.log | Logs errors generated in custom tag processing. |
| remote.log | The Network Listener Module (NLM) writes various messages to the remote.log file relating to a distributed ColdFusion configuration. |
| errors.log | Logs errors generated in attempts to send mail from ColdFusion applications. Stored in cfusion\mail\log (Windows). |
ColdFusion Administrator Debugging Options
ColdFusion can provide important debugging information for every application page requested by a browser. When enabled, debug output is shown in a block following normal page output. The debug output can help you track down programming problems.
You can select from the following debug output options:
| ColdFusion Administrator Debugging Options | |
|---|---|
| Option | Description |
| Enable performance monitoring | Allows the standard NT Performance Monitor application to display information about a running ColdFusion Application Server. |
| Enable CFML stack trace | This option is provided so that production servers will not expend resources creating a traceback stack by default. |
| Show variables | Displays the names and values of all CGI, URL, form, and cookie variables. |
| Show processing time | Shows the time, in milliseconds, to process the entire page. |
| Show SQL and data source name | Permits the display of the data source name and the SQL statement in messages about database query errors. |
| Show query information | Displays the record count, processing time, and the SQL statement for each query executed. |
| Display the template path | When enabled, this option allows ColdFusion to include in the default error message the general identifier of the tag that suffered from an error as well as the page’s file and path. |
Note By default, when you enable any of these options, debug output becomes visible to all users. You can, however, restrict debug output to a selected IP address.
To restrict debug output to a specific IP number:
-
Enter the IP number you want to receive debug output, and click Add.
Debug output will be visible only to the specified IP address. Allaire recommends that you always specify the localhost of the ColdFusion Express Server, IP 127.0.0.1.
-
To disable debug output to a specific IP address, select the address
and click Remove.
If debugging output options have been selected and no IP address specified, debug output will be displayed to all users.
- At the bottom of the dialog, the current registry size is reported.
Specify a new maximum registry size in MB.
Monitoring ColdFusion Performance
ColdFusion provides a set of counters for monitoring the performance of the ColdFusion Express Server. This allows you to use the Windows NT Performance Monitor administration utility to monitor ColdFusion performance. This enhancement to NT Performance Monitor is installed automatically by the ColdFusion Express setup.
A Windows NT Performance Monitor configuration file has been added to ColdFusion for Windows systems that is pre-configured to monitor ColdFusion Server activity. The Performance Monitor configuration file, ColdFusionServer.pmc is installed in cfusion\bin.
To monitor ColdFusion Server activity, click on the ColdFusion Performance Monitor icon in the ColdFusion Server Program group. You can also open the Performance Monitor utility and then open the cfusion/bin/ColdFusionServer.pmc file.
ColdFusion counters available
ColdFusion supports 11 different counters you can enable in the Windows Performance Monitor:
-
Average database transaction time
-
Average queue time
-
Average request time
-
Bytes incoming per second
-
Bytes outgoing per second
-
Database hits per second
-
Page hits per second
-
Cache pops per second
-
Number of queued requests
-
Number of running requests
-
Number of timed out requests
To enable the Performance Monitor for ColdFusion:
-
Open the ColdFusion Administrator to the Miscellaneous Debugging
page.
-
Click the Enable performance monitoring option. The default is off.
-
Click Apply to save the new setting.
To configure the Performance Monitor:
-
From the Windows Start menu, select Programs > Administrative
Tools > Performance Monitor.
-
In the Performance Monitor, select Edit > Add to Chart or
File > Open to open an existing chart.
In the Add to Chart dialog, select ColdFusion Server from the Object drop-down list. You can change any of the display options (Color, Scale, Width, Style) for a counter before adding it.
-
Click one or more selections in the Counters list, then click the
Add button. The counters are listed at the bottom of the Chart View.
-
Click the Explain button to display embedded help for the selected
counter.
C HA PT ER 14
