Installing ColdFusion 11 Under cPanel

First, you need your installation defaults, find the installer.properties example below:

INSTALLER_UI=SILENT
SILENT_LICENSE_MODE=full
SILENT_SERIAL_NUMBER=
SILENT_PREV_SERIAL_NUMBER=
SILENT_INSTALLER_TYPE=standalone
SILENT_INSTALL_ODBC=false
SILENT_INSTALL_JNBRIDGE=false
SILENT_INSTALL_ADMIN=false
SILENT_INSTALL_SOLR=true
SILENT_INSTALL_PDFG=true
SILENT_INSTALL_FOLDER=/opt/coldfusion11
SILENT_ENABLE_PROD_SECURE_PROFILE=true
SILENT_ENABLE_PROD_DEFAULT_PROFILE=false
SILENT_ENABLE_DEV_PROFILE=false
SILENT_ADMIN_IP=127.0.0.1
SILENT_JETTY_IP=
SILENT_ADMIN_USERNAME=admin
SILENT_ADMIN_PASSWORD=Adm1n$12
SILENT_ENABLE_RDS=false
SILENT_RDS_PASSWORD=Adm1n$12
SILENT_JETTY_USERNAME=admin
SILENT_JETTY_PASSWORD=Adm1n$12
SILENT_CONTEXT_ROOT=
SILENT_AUTO_ENABLE_UPDATES=true
SILENT_MIGRATE_COLDFUSION=false
SILENT_PREV_CF_MIGR_DIR=/opt/coldfusion10
ENABLE_RDS=false
ENABLE_WSRP=false
ENABLE_JSDEBUG=false
ENABLE_CFR=false
ENABLE_CFSWF=false
ENABLE_CFFORMS=false

With this file, you can install ColdFusion 11 with the following:

./ColdFusion_11_WWEJ_linux64.bin -f installer.properties >> CF11Installer.log

The output in the log file should look something like this:

Preparing to install...
Extracting the JRE from the installer archive...
Unpacking the JRE...
Extracting the installation resources from the installer archive...
Configuring the installer for this system's environment...

Launching installer...

Chown the CFIDE:

chown -R nobody:nobody /opt/coldfusion11/cfusion/wwwroot/CFIDE

Backup your license.properties:

cp /opt/coldfusion11/cfusion/lib/license.properties /opt/coldfusion11/cfusion/runtime/lib/license.properties

Add the service:

sh /opt/coldfusion11/bin/cf-init.sh install

If the above does not exist, and well hey, it didn’t for me, I did write another article with the file needed.  Check that Article out.

 

sconfig wants the “real” hostname or the connector won’t install.

cp /etc/hosts /etc/hostsbackup.$$
echo 127.0.0.1 localhost.localdomain localhost `hostname` > /etc/hosts

Turn the listen flag to false in the license.propterties:

perl -pi -e 's/listen=true/listen=false/' /opt/coldfusion11/cfusion/lib/license.properties

Start ColdFusion:

/opt/coldfusion11/cfusion/bin/coldfusion start && sleep 10 &&

Perform the wsconfig:

In my example, I happened to run the command twice, with varied setups.  I am documenting them both and will clean up at next install:

/opt/coldfusion11/cfusion/runtime/bin/wsconfig -ws apache -dir /usr/local/apache/conf -bin /usr/sbin/httpd -script /etc/init.d/httpd  >> CF11Installer.log
/opt/coldfusion11/cfusion/runtime/bin/wsconfig -ws apache -dir /usr/local/apache/conf -bin /usr/sbin/httpd -script /etc/init.d/httpd -ws64 -apxs -norestart -v  >> CF11Installer.log

After the above, my CF11Installer.log added the following:

The Apache connector was installed to /usr/local/apache/conf
Usage:
To use the GUI:
        java -jar wsconfig.jar
To use the property file to specifiy options:
        java -jar wsconfig.jar -f <property-file-path>
To use the command line to specify options:
        java -jar wsconfig.jar [options]

Options
To install the web server connector:
        -ws <IIS|Apache> -dir <path> | -site <site>
        [-host <hostname>]  | [-cluster <clustername>]
        [-norestart] [-v]
        [-cfide [<dir>]]
        [-bin <path>] [-service <servicename>] (Apache/Windows only)
        [-bin <path>] [-script <path>] (Apache/UNIX only)
To remove the web server connector:
        -remove -ws <IIS|Apache> -dir <path> | -site <site> [-v]
To remove all the web server connectors:
        -uninstall [-v]
To upgrade the web server connector:
        -upgrade -ws <IIS|Apache> -dir <path> | -site <site> [-v]
To upgrade all the web server connectors:
        -upgrade [-v]
To list the configured web servers:
        -list [-ws <IIS|Apache>]
To get this help:
        -help

Descriptions
        -ws <IIS|Apache> web server
        -dir <path>             Apache conf directory
        -site <site>            IIS web site name or number
        -host <hostname>        ColdFusion server address (default=localhost)
        -cluster <clustername>  ColdFusion cluster name
        -norestart              do not restart web server
        -cfide [<dir>]  CFIDE Directory Path
        -service <servicename>  Apache Windows service name
        -bin <path>             Apache server binary file
        -script <path>          Apache Unix control script file
        -ws32           used to configure 32-bit web server on 64-bit Windows, Linux, and Mac OS.
        -reuseConnectionCount   The reuseConnectionCount property sets the maximum number of connections that can be re-used in the connection pool.
        -connectionPoolTimeout  The connectionPoolTimeout property sets the number of seconds to wait for the idle connection to close.
        -isWebServiceON The isWebServiceON property signifies that the Apache web server is started with the WEBSERVICE_ON property. Applicable only for Mac OSX 10.8 or higher.
        -allowedIPList   The allowedIPList property represents an allowed IP address list(separated by comma) that access the restricted list of ColdFusion URLs.

Performing the wsconfig generated the file I needed to move forward, /usr/local/apache/conf/mod_jk.conf to which the contents are below:

# Load mod_jk module
LoadModule    jk_module  "/opt/coldfusion11/config/wsconfig/1/mod_jk.so"
# Where to find workers.properties
JkWorkersFile "/opt/coldfusion11/config/wsconfig/1/workers.properties"
JkMountFile "/opt/coldfusion11/config/wsconfig/1/uriworkermap.properties"
JKIPRestrictionFile "/opt/coldfusion11/config/wsconfig/1/iprestriction.properties"
# Where to put jk logs
JkLogFile "/opt/coldfusion11/config/wsconfig/1/mod_jk.log"
# custom environment variables
JkEnvVar REDIRECT_URL
JkEnvVar REDIRECT_REMOTE_HOST
JkEnvVar REDIRECT_PATH
JkEnvVar REDIRECT_QUERY_STRING
JkEnvVar REDIRECT_HTTP_ACCEPT
JkEnvVar REDIRECT_HTTP_USER_AGENT
JkEnvVar REDIRECT_REMOTE_ADDR
JkEnvVar REDIRECT_SERVER_NAME
JkEnvVar REDIRECT_SERVER_PORT
JkEnvVar REDIRECT_SERVER_SOFTWARE
# Where to put jk shared memory
JkShmFile "/opt/coldfusion11/config/wsconfig/1/jk_shm"
# Set the jk log level [debug/error/info]
JkLogLevel info
# Select the timestamp log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
AddHandler jakarta-servlet .cfm .cfml .cfc .cfr .cfswf
DirectoryIndex index.cfm
Alias /CFIDE "/opt/coldfusion11/cfusion/wwwroot/CFIDE"
<Directory "/opt/coldfusion11/cfusion/wwwroot/CFIDE">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<Files ~ ".hbmxml$">
Order allow,deny
Deny from all
</Files>

I then distilled the changes to ensure cPanel was copacetic with them, regenerated the conf and restarted apache:

/usr/local/cpanel/bin/apache_conf_distiller --update
/usr/local/cpanel/bin/build_apache_conf
/etc/init.d/httpd restart

During the last step, I did open for editing /usr/local/apache/conf/httpd.conf twice and /usr/local/apache/conf/mod_jk.conf once before distilling and restarting again.

 

Edit the neo-security.xml and throw in some good defaults.

set rds.security.usesinglerdsp to false

set allowconcurrentadminlogin to false

set admin.userid.required to true

set allowedAdminIPList to 127.0.0.1 and an any others of importance

set secureprofile.enabled to true

 

The admin.userid.root.salt string may need to be updated, idk.

Restart the CF’s

/opt/coldfusion11/cfusion/bin/coldfusion stop
/opt/coldfusion11/cfusion/bin/coldfusion start


Posted

in

by

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *