system services web modify
Modify the cluster-level configuration of web protocols
Availability: This command is available to cluster administrators at the admin privilege level.
Description
This command modifies the overall availability of web services in the cluster, including the core protocol configurations for those services. In a pre-root or unclustered scenario, its scope applies to the local node.
Parameters
[-external {true|false}]
- External Web Services-
Defines whether remote clients can access HTTP or HTTPS service content. Along with the
system services firewall
configuration, this parameter controls the visibility for client connections. The default value for this parameter after installation is 'true', which exports web protocols for remote access. If no value is provided during modification, its behavior does not change. [-per-address-limit <integer>]
- Per Address Limit (privilege: advanced)-
Limits the number of connections that can be processed concurrently from the same remote address. If more connections are accepted, those in excess of the limit are delayed and processed after the number of connections being processed drops below the limit. The default value is 96.
[-http-enabled {true|false}]
- HTTP Enabled (privilege: advanced)-
Defines whether HTTP is enabled. The default value for this parameter is
false
. [-csrf-protection-enabled {true|false}]
- CSRF Protection Enabled (privilege: advanced)-
Defines whether CSRF protection is enabled. The default value is
true
. [-csrf-token-concurrent-limit <integer>]
- Maximum Number of Concurrent CSRF Tokens (privilege: advanced)-
Defines how many concurrent CSRF tokens can exist at any given time. The default value is
500
. [-csrf-token-idle-timeout <integer>]
- CSRF Token Idle Timeout (Seconds) (privilege: advanced)-
Defines how long (in seconds) an unused CSRF token will exist until it expires. The default value is
900
seconds (15 minutes). [-csrf-token-absolute-timeout <integer>]
- CSRF Token Absolute Timeout (Seconds) (privilege: advanced)-
Defines how long (in seconds) a CSRF token can exist regardless of usage. The default value is
0/undefined
, which means that it will never time out. [-lif-service-policy-enforced {true|false}]
- Enforce Network Interface Service-Policy (privilege: advanced)-
Defines whether to enforce the network interface service-policy for web services.
Examples
The following command changes the maximum size of the wait queue:
cluster1::> system services web modify -wait-queue-capacity 256