As a rule running web interface control on a Cisco device is a bad idea. But there are times when you may want to run it. Some of Cisco’s management tools expect it.
- no ip http server – Kill HTTP when possible
- ip http secure-server – If you have to run web management use HTTPS for encryption
- ip http access-class XX – Apply an ACL to restrict hosts that can reach the web management, where XX you replace with your ACL number