Cisco Headend Digital Broadband Delivery System
Chapter 7 DNCS Web Services Security
64
4034689 Rev A
4 Add the following line to the end of the “Allow from” list.
Allow from [STB Staging Client IP]
Notes:
Replace [STB Staging Client IP] with the IP address or hostname of the STB
staging client.
staging client.
If a hostname is used, the hostname and IP address must be defined in the
/etc/hosts file.
/etc/hosts file.
An entire subnet can be allowed using slash notation.
Example: The “Allow from” list should look similar to the following example:
Order Allow,Deny
Allow from localhost
Allow from dncs dncs
Allow from dncsws
Allow from 172.16.30.1
Allow from 172.10.1.0/24
5 Will only HTTPS access, rather than HTTP, be allowed for the STB Staging web
service?
If yes, verify that the "SSLRequireSSL" line does not have “#” at the
beginning of the line. The SSLRequireSSL line disables HTTP access to the
STB Staging web service.
Example:
beginning of the line. The SSLRequireSSL line disables HTTP access to the
STB Staging web service.
Example:
SSLRequireSSL
If no, HTTP and HTTPS support is required; go to step 6.
6 Save and close the file.
7 Follow these instructions to restart the DNCS http process.
7 Follow these instructions to restart the DNCS http process.
a Type the following command and press Enter to stop the http process:
svcadm -v disable -st http
b Type the following command and press Enter to refresh the http process:
svcadm refresh http
c Type the following command and press Enter to restart the http process:
svcadm -v enable -s http
Result: The system displays the svc:/network/http:apache2 enabled
message.
message.