by antirez 2944 days ago
Hello twic, since version 4 Redis by default does not accept connections that are not originating from localhost. Yet we still have problems! Please read the blog post for the exact details about why sane defaults were not enough.

I think the point the parent is trying to make is why allow options 1-3 (disable protected mode) at all? Why not require only option 4 to accept non localhost connections?

Although that doesn't stop someone from setting up an install script with a "default" password that becomes known.
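To make the distinction in the comment above concrete, here is an added example (not code from the thread, from antirez, or from Redis): a small auditor that reads the three redis.conf directives involved and reports when a configuration ends up in the state the commenter is worried about. It models the documented protected-mode rule: the mode only engages when protected-mode is yes and neither a bind directive nor a requirepass is set; once it is off, or once a bind address is set without a password, non-loopback clients are accepted unauthenticated. The weak-password list and the sample configs are constructed for the demo; the finding codes are my own names.

```python
"""Audit redis.conf for the exposure paths discussed in the thread.

Added example, not from the original post or from Redis. The protected-mode
rule modelled here is the one Redis documents: protected mode is active only
when protected-mode is yes AND no `bind` AND no `requirepass` is configured.
"""
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed for the demo; a real check would consult a proper wordlist.
WEAK_PASSWORDS = {"", "redis", "password", "123456", "foobared", "changeme"}


@dataclass
class RedisConf:
    protected_mode: bool = True                      # Redis default
    binds: List[str] = field(default_factory=list)   # empty = all interfaces
    requirepass: Optional[str] = None


def parse_conf(text: str) -> RedisConf:
    """Parse only the directives that decide who may talk to the server."""
    conf = RedisConf()
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, *args = line.split()
        key = key.lower()
        if key == "protected-mode" and args:
            conf.protected_mode = args[0].lower() == "yes"
        elif key == "bind":
            # A leading '-' (Redis 7) marks an address as optional; strip it.
            conf.binds = [a.lstrip("-") for a in args]
        elif key == "requirepass" and args:
            pw = args[0].strip('"')
            conf.requirepass = pw if pw else None    # requirepass "" disables auth
    return conf


def is_loopback(addr: str) -> bool:
    return addr.startswith("127.") or addr in ("::1", "localhost")


def audit(conf: RedisConf) -> List[str]:
    """Return sorted finding codes; an empty list means nothing was flagged."""
    findings = []
    has_pass = conf.requirepass is not None
    local_only = bool(conf.binds) and all(is_loopback(b) for b in conf.binds)
    protected_active = conf.protected_mode and not conf.binds and not has_pass
    remotely_reachable = not local_only and not protected_active

    if remotely_reachable and not has_pass:
        findings.append("UNAUTHENTICATED_REMOTE")    # the "options 1-3" outcome
    if has_pass and conf.requirepass in WEAK_PASSWORDS:
        findings.append("WEAK_PASSWORD")             # the install-script default
    if remotely_reachable and (
        not conf.binds or any(b in ("0.0.0.0", "::", "*") for b in conf.binds)
    ):
        findings.append("BIND_ALL_INTERFACES")
    return sorted(findings)


# Constructed sample configs, one per path discussed in the thread.
SAMPLES = {
    "stock defaults": "# nothing set: protected mode engages on its own\n",
    "option 1-3": "protected-mode no\n",
    "install script": "bind 0.0.0.0\nrequirepass redis\n",
    "private ip, no pass": "bind 10.0.0.5\n",
    "hardened": "bind 127.0.0.1 -::1\nrequirepass 9f2c7e1a4b8d0c6f3e5a\n",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(f"{name:20} -> {audit(parse_conf(text)) or ['OK']}")
```

The "private ip, no pass" sample is the one worth noticing: setting a bind address is one half of option 4, and on its own it switches protected mode off, so the instance accepts unauthenticated clients from the whole network it is bound to.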

Taking a cursory glance, you can find a lot of articles on exposed MySQL / Postgres servers being infected when they run with weak / default passwords. Exposing your db servers beyond the private network is the problem. Kudos for trying to support people, but trying to secure open dbs on the net will always be a cat & mouse game.
That was my point, yes. And my strange suggestion about having an additional server-generated secret was an attempt to secure even servers with weak passwords.
I read the blog post; what I learned from it is that because sane default choices aren't enough, you also have to disallow insane explicit choices!