Skip to main content

system services web modify

Contributors
Suggest changes

Modify the cluster-level configuration of web protocols

Availability: This command is available to cluster administrators at the admin privilege level.

Description

This command modifies the overall availability of web services in the cluster, including the core protocol configurations for those services. In a pre-root or unclustered scenario, its scope applies to the local node.

Parameters

[-external {true|false}] - External Web Services

Defines whether remote clients can access HTTP or HTTPS service content. Along with the system services firewall configuration, this parameter controls the visibility for client connections. The default value for this parameter after installation is 'true', which exports web protocols for remote access. If no value is provided during modification, its behavior does not change.

[-per-address-limit <integer>] - Per Address Limit (privilege: advanced)

Limits the number of connections that can be processed concurrently from the same remote address. If more connections are accepted, those in excess of the limit are delayed and processed after the number of connections being processed drops below the limit. The default value is 96.

[-http-enabled {true|false}] - HTTP Enabled (privilege: advanced)

Defines whether HTTP is enabled. The default value for this parameter is false .

[-csrf-protection-enabled {true|false}] - CSRF Protection Enabled (privilege: advanced)

Defines whether CSRF protection is enabled. The default value is true .

[-csrf-token-concurrent-limit <integer>] - Maximum Number of Concurrent CSRF Tokens (privilege: advanced)

Defines how many concurrent CSRF tokens can exist at any given time. The default value is 500 .

[-csrf-token-idle-timeout <integer>] - CSRF Token Idle Timeout (Seconds) (privilege: advanced)

Defines how long (in seconds) an unused CSRF token will exist until it expires. The default value is 900 seconds (15 minutes).

[-csrf-token-absolute-timeout <integer>] - CSRF Token Absolute Timeout (Seconds) (privilege: advanced)

Defines how long (in seconds) a CSRF token can exist regardless of usage. The default value is 0/undefined , which means that it will never time out.

[-lif-service-policy-enforced {true|false}] - Enforce Network Interface Service-Policy (privilege: advanced)

Defines whether to enforce the network interface service-policy for web services.

Examples

The following command changes the maximum size of the wait queue:

cluster1::> system services web modify -wait-queue-capacity 256