• _dev_null@lemmy.zxcvn.xyz
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    Indeed, from a tenable article:

    Cisco does recommend disabling the HTTP Server feature on any Cisco IOS XE systems that are internet-facing. The advisory provides steps on how to disable the feature as well as steps on how to determine if the HTTP Server feature is enabled. Additionally, the Cisco security advisory outlines an additional command to run after disabling the HTTP Server feature, to ensure that the feature is not re-enabled after a system reload.

    So yeah, maybe not widen your attack surface to the whole fucking internet in the first place.