|
|
|
|
|
|
by greyboy
3880 days ago
|
|
|
> Just been hacked through this method and cannot believe > ... that they don't even MENTION the security > concerns from the quickstart guide> > http://redis.io/topics/quickstart ?? Like the 'Securing Redis' section from that link? Securing Redis ============== By default Redis binds to all the interfaces and has no authentication at all. ... 1) Make sure the port Redis uses to listen for connections is firewalled... 2) Use a configuration file where the bind directive is set ... [to] as little network interfaces you are using... 3) Use the requirepass option ... 4) Use spiped or another SSL tunnelling software... |
|
|