From output above we learned that redis server is already listening on port 6379 and bind to localhost or 127.0.0.1.
Redis configuration is located in the /etc/redis/redis.conf file. In this tutorial we'll change one Redis configuration directive so that it will listen to all network interfaces instead of only on localhost. This is useful if you have a dedicated redis server and you're connecting from other servers, such as an application server.
Open /etc/redis/redis.conf. Find line below:
We see above that redis is listening on all interfaces on port 6379 (0.0.0.0:6379).
There are a lot more configuration directive on redis.conf file. You can read the comment above each directive to see how you can customize Redis configuration.
By default Redis is not secure. It assumes that it runs on a secure environment or network. From Redis security page :
Redis is designed to be accessed by trusted clients inside trusted environments. This means that usually it is not a good idea to expose the Redis instance directly to the internet or, in general, to an environment where untrusted clients can directly access the Redis TCP port or UNIX socket.
In this section we'll discuss how-to secure Redis.
Setting up a Firewall
The first method that you can use to secure Redis is by setting up a firewall. You can use a firewall on a host level using iptables or on a network level from a Firewall device. If you are using a cloud service you can also use a Firewall service that your provider provides on a host or a network level.
Configure a Password for Redis
By default Redis does not ask the user to authenticate. To add more security to your Redis installation you can enable authentication on your Redis server.
Open /etc/redis/redis.conf file, find the line below
# requirepass foobared
Replace foobared the line above with your own password. You can also use a fully random password like the line below
Additional methods that you can employ to secure your redis installation is by renaming or disabling some dangerous commands. This configuration is also located on the SECURITY section on the /etc/redis/redis.conf file. For example the config below will change the CONFIG commmand with 123aqCONFGG.
rename-command CONFIG 123aqCONFGG
We also can disable a command. To disable the CONFIG command you can put empty quotes ("") as the replacement of CONFIG command
rename-command CONFIG ""
Don't forget to restart redis-server after changing the configuration by running command below
$ sudo service redis-server restart
Redis comes with the redis-benchmark tool. You can try benchmarking redis by running redis-benchmark without options
In this tutorial we learned how-to install Redis on Ubuntu 14.04 from the Ubuntu repository. We also learned how to manage the Redis service, configuring the service, securing Redis, and also Benchmarking Redis. We also learned the basic usage of Redis.
Looking for the right web hosting solution for your website can be an intimidating task. Options nowadays are more diversified than ever, and each year brings new developments in the web hosting market. If you have no clue of what to look out for, you can find yourself overwhelmed with...
Content marketing continues to be one of the most valuable tools for today’s online businesses. With content, you can improve your chances of reaching your target audience, boost your search engine standing, and even unlock new opportunities for sales. The more content you produce, the more you can strengthen your...
User Experience (UX) is one of the most crucial factors to consider in web design. As the number of websites and applications in the world today continues to accelerate, businesses are under more pressure than ever to impress customers straight away. If a user visits your website and finds slow-loading...