Skip to main content

apache_conf resource

Use the apache_conf Chef InSpec audit resource to test the configuration settings for Apache. This file is typically located under /etc/apache2 on the Debian and Ubuntu platforms and under /etc/httpd on the Fedora, CentOS, RedHat Enterprise Linux, and ArchLinux platforms. The configuration settings may vary significantly from platform to platform.

Availability

Install

This resource is distributed with Chef InSpec and is automatically available for use.

Requirements

ServerRoot must be included in an Apache configuration file. If not present, the included configurations will not be accessible to the resource.

Version

This resource first became available in v1.0.0 of InSpec.

Syntax

An apache_conf Chef InSpec audit resource block declares configuration settings that should be tested:

describe apache_conf('path') do
  its('setting_name') { should eq 'value' }
end

where

  • 'setting_name' is a configuration setting defined in the Apache configuration file
  • ('path') is the non-default path to the Apache configuration file
  • { should eq 'value' } is the value that is expected

Examples

The following examples show how to use this Chef InSpec audit resource.

Test for blocking .htaccess files on CentOS

describe apache_conf do
  its('AllowOverride') { should cmp 'None' }
end

Test ports for SSL

describe apache_conf do
  its('Listen') { should cmp '443' }
end

Test multiple ports are listening

describe apache_conf do
  its('Listen') { should =~ [ '80', '443' ] }
end

Matchers

For a full list of available matchers, see our Universal Matchers page.

This Chef InSpec audit resource matches any service that is listed in the Apache configuration file:

its('PidFile') { should_not eq '/var/run/httpd.pid' }

or:

its('Timeout') { should cmp '300' }

For example:

describe apache_conf do
  its('MaxClients') { should cmp '100' }
  its('Listen') { should cmp '443' }
end
Edit this page on GitHub

Thank you for your feedback!

×









Search Results