In WFA, some of the commandlets(like Get-WfaLogger and Connect-WfaCluster) internally use http connection to WFA server over localhost.
These will be impacted if WFA is not deployed over http.
Here are the steps to restrict WFA http access to localhost.
1. Open the Windows services console by using services.msc and stop the NetApp WFA Server service.
2. Find the standalone-full.xml file at WFA installation directory(<WFA Install>/jboss/standalone/configuration/standalone-full.xml.
3. Take a backup of this file.
4. Open the file and go to the section "<interfaces>". This is towards the end of the file.
5. Add one more "<interface>" section for localhost only binding.
<interfaces>
....
<interface name="localhost-only">
<inet-address value="127.0.0.1"/>
</interface>
......
</interfaces>
5. Now locate http socket binding section in "<socket-binding-group>".
6. Modify http binding to use the localhost-only interface defined in step 4.
<socket-binding-group .....>
....
<socket-binding name="http" interface="localhost-only" port="${http.port}"/>
....
</socket-binding-group>
7. Start WFA service.
NOTE: Updated the post as per Scott's post below.