All geek questions in one place

What are some protection options for redis db?

I run Redis locally and have several computers interacting with redis on the same port - any suggestions on good ways to block access to Redis? The database runs on Mac OS X. Thank you.

Edit: it is assumed that I do not want to use the built-in (non-backward compatible) Redis requirepass directive in config.

+6
source share
2 answers

In EC2, we block machines that can send requests to the redis port in our redis window only for our application window (we also use it only to store insensitive data).

Another option would be to not open the redis external port from the outside, but you need to forward the ports through the ssh tunnel . Then you can only allow requests passing through the tunnel and only allow ssh with a known key.

You pay ssh fine, but maybe this is normal for your scenario.

+1
source

The configuration file has a simple requirepass directive that allows access only to clients that authenticate via AUTH . I recommend reading the docs for this command, namely the "note" section.

0
source

Source: https://habr.com/ru/post/897732/

More articles:


All Articles