Shulou(Shulou.com)06/01 Report--

Redis does not have a password by default and can only be accessed locally. You can execute arbitrary commands after connecting using redis-cli. If you want to open a public network connection, you need to set a password, disable or rename dangerous commands.

1. Set password

(1) Open the configuration file of Redis and search for the keyword "requirepass"

(2) remove the comment on the line "requirepass". The "foobared" of this line is the default password, and you can change it to your own password.

(3) Save the configuration file and restart Redis. You can find that redis-cli cannot be used normally after it is connected to Redis.

(4) if you want to use Red is normally, you need to add a "- a" parameter to re dis-cl I connection.

Redis-cli-a password

two。 Open public network access

(1) Open the configuration file and search "bind" to find the location of the configuration network.

(2) by commenting on this line, you can access Redis from the public network.

In redis-cli, if you want to access the Redis of the public network, you need to specify the address and port, in the following format:

Redis-cli-h Redis address-p port-a password

For example:

Redis-cli-h 192.168.2.10-p 3129-a kingnameisgenius163

In Python, if you want to access the Redis of the public network, you need to modify the code to:

Import redis

Client = redis.Redis (host='192.163.2.10', port=3129, password='kingnameisgenius')

Disable dangerous commands:

Some very high-privilege commands are turned on by default in Redis. Use these commands to control the server by emptying the Redis or writing directly to the mining * * or even the SSH Key public key.

By modifying the configuration file of Redis, some dangerous commands can be renamed or disabled to reduce security risks.

(1) Open the Redis configuration file and add the following lines:

Rename-command CONFIG ""

Rename-command FLUSHDB sfjafjfaerawe

Rename-command FLUSHALL IWERDF

Rename-command PEXPIRE OKASETTW

Rename-command SHUTDOWN ""

Rename-command BGREWRITEAOF SEWERWEFSDF

Rename-command BGSAVE ASDFPEWE

Rename-command SAVE ASDFKLEWE

Rename-command DEBUG ""

(2) if the command is renamed to an empty string, the command is disabled.

For commands that are dangerous but may be used, you can rename them; for commands that are particularly dangerous, you can disable them.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.