Security & configuration validation can be used to check if on any ABAP stack the HTTP port is activated. Depending on your security concept this might be forbidden. Checking across all systems is a cumbersome job. Here the security and configuration check function of SAP Focused Run can help.
Setting up security and configuration validation rule to check if HTTP port is active
Go to the security and configuration validation policy tile:
Create a new policy with the following syntax:
<?xml version="1.0" encoding="utf-8"?>
<targetsystem xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" desc="Checks whether only HTTPS is active in SMICM" id="SMICM_HTTPSONLY" multisql="Yes" version="0000" xsi:schemaLocation="csa_policy.xsd">
<configstore name="ABAP_INSTANCE_PAHI">
<checkitem desc="item description" id="1.0.0.0">
<compliant>NAME like 'icm/server_port_%' and NOT (VALUE like '%HTTP,%' ) </compliant>
<complianttext/>
<noncompliant>NAME like 'icm/server_port_%' and VALUE like '%HTTP,%' </noncompliant>
<noncomplianttext/>
</checkitem>
</configstore>
</targetsystem>Basically the rule says: no http found is ok and any http found is not ok.
Running the check
Run the check will give you all systems in red where HTTP is active and green if only HTTPs is active, or nothing is active:
