From output above we learned that redis server is already listening on port 6379 and bind to localhost or 127.0.0.1.
Redis configuration is located in the /etc/redis/redis.conf file. In this tutorial we'll change one Redis configuration directive so that it will listen to all network interfaces instead of only on localhost. This is useful if you have a dedicated redis server and you're connecting from other servers, such as an application server.
Open /etc/redis/redis.conf. Find line below:
We see above that redis is listening on all interfaces on port 6379 (0.0.0.0:6379).
There are a lot more configuration directive on redis.conf file. You can read the comment above each directive to see how you can customize Redis configuration.
By default Redis is not secure. It assumes that it runs on a secure environment or network. From Redis security page :
Redis is designed to be accessed by trusted clients inside trusted environments. This means that usually it is not a good idea to expose the Redis instance directly to the internet or, in general, to an environment where untrusted clients can directly access the Redis TCP port or UNIX socket.
In this section we'll discuss how-to secure Redis.
Setting up a Firewall
The first method that you can use to secure Redis is by setting up a firewall. You can use a firewall on a host level using iptables or on a network level from a Firewall device. If you are using a cloud service you can also use a Firewall service that your provider provides on a host or a network level.
Configure a Password for Redis
By default Redis does not ask the user to authenticate. To add more security to your Redis installation you can enable authentication on your Redis server.
Open /etc/redis/redis.conf file, find the line below
# requirepass foobared
Replace foobared the line above with your own password. You can also use a fully random password like the line below
Additional methods that you can employ to secure your redis installation is by renaming or disabling some dangerous commands. This configuration is also located on the SECURITY section on the /etc/redis/redis.conf file. For example the config below will change the CONFIG commmand with 123aqCONFGG.
rename-command CONFIG 123aqCONFGG
We also can disable a command. To disable the CONFIG command you can put empty quotes ("") as the replacement of CONFIG command
rename-command CONFIG ""
Don't forget to restart redis-server after changing the configuration by running command below
$ sudo service redis-server restart
Redis comes with the redis-benchmark tool. You can try benchmarking redis by running redis-benchmark without options
In this tutorial we learned how-to install Redis on Ubuntu 14.04 from the Ubuntu repository. We also learned how to manage the Redis service, configuring the service, securing Redis, and also Benchmarking Redis. We also learned the basic usage of Redis.
If you find your cPanel disk space filling up, or an email address has hit its disk space quota, cPanel has a helpful built in Email Disk Usage tool. This will provide you with a simple to understand breakdown of how much disk space each folder for a particular email...
Although WHM will normally automatically keep itself up to date, you may want to manually check for server updates / push through an update that is pending, or it may be that you have automatic updates switched off on your cPanel server. In this guide we will show you how...
You may sometimes need to manually adjust the PHP settings on your cPanel server – for example if a site is hitting the PHP memory, or file size upload limit. WHM allows you to quickly change the settings of any PHP version installed on the server when needed, using the...