Redis password settings, access control, and other security settings _ database Other

Source: Internet
Author: User
Tags redis

Redis as a high-speed database, on the Internet, must have a corresponding security mechanism to protect.

1. A more secure approach is to use an IP-bound approach for control.

Copy Code code as follows:

Bind 127.0.0.1

Indicates that access is only allowed through 127.0.0.1 this IP address. Then in fact only oneself can access oneself, the other machine cannot access him.

This order is to be changed in redis.conf.

Attention here, please.

Our common startup mode is Src/redis-server

Change to Src/redis-server redis.conf

Because it needs to load the configuration file.

This method is not very good, I will inevitably have more than one machine access to a Redis service

2. Set password to provide remote login

Redis.conf
Found it
Requirepass
Write on
Requirepass YourPassword
After you set the password, you can log in, but you cannot execute the command.

Copy Code code as follows:

Src/redis-cli-h 192.168.1.121
Keys *
(Error) ERR Operation not permitted

Authorization command
Copy Code code as follows:
Auth 123456

Login with Password method
Copy Code code as follows:
./redis-cli-h 192.168.1.121-a ABCD

Because the Redis concurrency is extremely strong, only the password, the attacker may send a large number of guessing password requests in the short term, it is easy to brute force, so it is recommended that the longer the better, such as 20-bit. (The password in the Conf file is plaintext, so don't worry yourself will forget)

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.