ONTAP 9.12.1 commands

50←PDF
  • ONTAP 9.12.1 commands(CA08871-263en.pdf)
  • system services web modify

    Modify the cluster-level configuration of web protocols

    Availability: This command is available to cluster administrators at the admin privilege level.

    Description

    This command modifies the overall availability of web services in the cluster, including the core protocol configurations for those services. In a pre-root or unclustered scenario, its scope applies to the local node.

    Parameters

    [-external {true|false}] - External Web Services

    Defines whether remote clients can access HTTP or HTTPS service content. Along with the system services firewall configuration, this parameter controls the visibility for client connections. The default value for this parameter after installation is 'true', which exports web protocols for remote access. If no value is provided during modification, its behavior does not change.

    [-per-address-limit <integer>] - Per Address Limit

    Limits the number of connections that can be processed concurrently from the same remote address. If more connections are accepted, those in excess of the limit are delayed and processed after the number of connections being processed drops below the limit. The default value is 96.

    [-http-enabled {true|false}] - HTTP Enabled

    Defines whether HTTP is enabled. The default value for this parameter is false .

    [-csrf-protection-enabled {true|false}] - CSRF Protection Enabled

    Defines whether CSRF protection is enabled. The default value is true .

    [-csrf-token-concurrent-limit <integer>] - Maximum Number of Concurrent CSRF Tokens

    Defines how many concurrent CSRF tokens can exist at any given time. The default value is 500 .

    [-csrf-token-idle-timeout <integer>] - CSRF Token Idle Timeout (Seconds)

    Defines how long (in seconds) an unused CSRF token will exist until it expires. The default value is 900 seconds (15 minutes).

    [-csrf-token-absolute-timeout <integer>] - CSRF Token Absolute Timeout (Seconds)

    Defines how long (in seconds) a CSRF token can exist regardless of usage. The default value is 0/undefined , which means that it will never time out.

    Examples

    The following command changes the maximum size of the wait queue:

    cluster1::> system services web modify -wait-queue-capacity 256
    Top of Page