12-2
To implement security management on the device, use the following methods to enhance the security of
the device.
z Enable HTTP service only when necessary.
z Change the port number of the HTTP service as a port number not commonly used (for example
8080), thus reducing attacks from illegal users on the HTTP service.
z Associate the HTTP service with an ACL to let pass only the filtered clients.
Protocols and Standards
RFC 1945: Hypertext Transfer Protocol – HTTP/1.0
Enabling the HTTP Service
The device can act as the HTTP server and the users can access and control the device through the
Web function only after the HTTP service is enabled.
Follow these steps to enable the HTTP service:
To do… Use the command… Remarks
Enter system view
system-view
—
Enable the HTTP service
ip http enable
Required
The default setting varies with devices.
Configuring the Port Number of the HTTP Service
Configuration of the port number of the HTTP service can reduce the attacks from illegal users on the
HTTP service.
Follow these steps to configure the port number of the HTTP service:
To do… Use the command… Remarks
Enter system view
system-view
—
Configure the port number of the
HTTP service
ip http port
port-number
Required
By default, the port number of the
HTTP service is 80.
If you execute the ip http port command for multiple times, the last configured port number is used.
Associating the HTTP Service with an ACL
By associating the HTTP service with an ACL, only the clients that pass ACL filtering are allowed to
access the device.
Follow these steps to associate the HTTP service with an ACL:
To Next Page
Loading...
