Shulou(Shulou.com)06/02 Report--

This article will explain in detail how to protect Redis security, the content of the article is of high quality, so the editor will share it for you as a reference. I hope you will have some understanding of the relevant knowledge after reading this article.

In Redis4.x and above, because of the new module function, an attacker can make the attacked server load malicious .so files by constructing malicious code, Lucky 28 source code to build bbs.yasewl.com. If redis-server is started with root authority, three-point airship source code sets up bbs.yasewl.com so that malicious code can be executed, and the attacker can create any file he wants to create on the server, which is very harmful.

The Redis author's philosophy is "simplicity is beautiful", so there is no complex security configuration for Redis, so how to ensure the security of Redis?

Configure a firewall to protect redis

Configure a firewall to prevent external users from accessing its redis port.

Do not use the default port of redis

Prevent external users from accessing Redis, specify the IP of trusted Redis, prevent external access, and only trusted user IP can access Redis port. If it is not prohibited, it is very likely that all data will be deleted when attacked from the outside.

Password authorization is required to set up access to redis

Redis forces password authentication to be enabled for classic network instances. Users can avoid password breach by setting complex passwords. It is important to note that the strength of the password should be set high enough, for example, more than 32 bits. The performance of redis is very good, if you break the password violently, it can reach 150000 times per second.

Use the disable command

In Redis, you can disable commands or rename them to unpredictable names, so that only internal users can use these renamed names, while the average user can only use some of the commands.

On how to protect the security of Redis to share here, I hope the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.