How to control the HTTP(s) Message Server access?
It is possible to create access control creating an access list using the parameter ms/permission_table.
WIth this list you can define who can access the informations provided by Message Server and also who cannot access.
Further details over note 916398.
916398 - HTTP access control for message server
How to limit the size of a developer trace file
It is possible to limit the size of trace files using the parameter rdisp/TRACE_LOGGING. Details about how to setup this parameter in SAP note 112.
112 - Trace and error information in the "dev_" files
With SAP kernel 72X the traces are rotated by specific triggers that occurs in specific time intervals, however, these time intervals may vary depends of the component or even the action a work process is doing. In some specific situations the trace can increase further than the size set in the parameter.
With 74X kernel the rotation are much more precise avoiding the traces to grow much more than the specified.
What is the HTTP(s) Message Server Port?
The HTTP(s) Message Server port is configured by the parameter ms/server_port_X.
Another way to identify the HTTP(s) port is checking the dev_ms trace file:
[Thr 123456789] set HTTP state to LISTEN
[Thr 123456789] *** HTTP port 8101 state LISTEN ***
Is it possible to bind Message server ports to specific interfaces?
It is possible to choose specific interfaces to bind message server's HTTP(s) ports only, defined via parameter ms/server_port_X.
MS server ports 36xx and 39xx are automatically bound to all interfaces (e.g. 0.0.0.0:36xx)
Is it possible to reload the the message server ACL file in runtime from the OS level (e.g. using MSMON program)?
It is not possible.
Such feature does not exist for security reasons. The only way to reload the message server ACL contents at runtime is via transaction SMMS (message server monitor).