Cisco Cisco IOS Software Release 12.2(27)SBC
HTTP 1.1 Web Server and Client
How to Configure the HTTP 1.1 Web Server and Client
3
Cisco IOS Network Management Configuration Guide
Another example is to configure a policy that minimizes the response time for new connections by
specifying small values for the life and request options so that the connections are quickly released to
serve new clients.
specifying small values for the life and request options so that the connections are quickly released to
serve new clients.
A throughput policy is better for HTTP sessions with dedicated management applications, because it
allows the application to send more requests before the connection is closed, while a response time
policy is better for interactive HTTP sessions, because it allows more people to connect to the server at
the same time without having to wait for connections to become available.
allows the application to send more requests before the connection is closed, while a response time
policy is better for interactive HTTP sessions, because it allows more people to connect to the server at
the same time without having to wait for connections to become available.
In general, you should configure these options as appropriate for your environment. The value for the
idle option should be balanced so that it is large enough not to cause an unwanted request or response
timeout on the connection, but small enough that it does not hold a connection open longer than
necessary.
idle option should be balanced so that it is large enough not to cause an unwanted request or response
timeout on the connection, but small enough that it does not hold a connection open longer than
necessary.
Access security policies for the HTTP server are configured using the ip http authentication command,
which allows only selective users to access the server, and the ip http access-class command, which
allows only selective IP hosts to access the server.
which allows only selective users to access the server, and the ip http access-class command, which
allows only selective IP hosts to access the server.
Selective Enabling of Applications Within the HTTP Infrastructure
The ability to selectively enable applications using an HTTP server feature eliminates a potential
security vulnerability by providing a facility to enable selected HTTP
security vulnerability by providing a facility to enable selected HTTP
services on the Cisco IOS HTTP
server infrastructure. This feature also provides the capability to view the current state of the HTTP
services, including which services
services, including which services
are enabled
or disabled.
Prior to this feature, HTTP applications running on a router or a switch were either all enabled or all
disabled when the HTTP server was enabled or disabled using the ip http server command. In the
situation where all HTTP applications were enabled, remote end-users were given potential access to
services that could allow remote end-users to pose a potential security threat to service providers.
disabled when the HTTP server was enabled or disabled using the ip http server command. In the
situation where all HTTP applications were enabled, remote end-users were given potential access to
services that could allow remote end-users to pose a potential security threat to service providers.
With ability to selectively enable applications using an HTTP server, the Cisco IOS HTTP infrastructure
provides a way to enable only selected HTTP applications to run on a router or a switch, thereby
bypassing a potential security vulnerability. Selected HTTP applications can be enabled using the
ip http active-session-modules configuration command.
provides a way to enable only selected HTTP applications to run on a router or a switch, thereby
bypassing a potential security vulnerability. Selected HTTP applications can be enabled using the
ip http active-session-modules configuration command.
Note
The maximum number of sessions that can be registered with the Cisco IOS HTTP server is 32.
How to Configure the
HTTP 1.1 Web Server and Client
This section contains the following tasks:
•
•
•
•
Enabling and Configuring the HTTP Server
To enable the HTTP server and configure optional server characteristics, perform the following steps.
The HTTP server is disabled by default.
The HTTP server is disabled by default.