Hacker News new | ask | show | jobs
by ceejayoz 510 days ago
That used to be the default setup for Redis, too. Might still be. You aren’t supposed to have it on a public subnet.
2 comments
SahAssar 510 days ago
> You aren’t supposed to have it on a public subnet.

That's an incredibly bad assumption. To have defaults assume that you are on a protected network (what does that even mean? like what permissions are assumed just because you are on the same network? admin?) is just bad practice.

link
ceejayoz 510 days ago
Private networking for internal things like databases has been the standard best practice for a long, long time.
link
SahAssar 510 days ago
Safe default configuration has been the standard practice for even longer.
link
ceejayoz 510 days ago
I’m all for both.
link
achillean 510 days ago
It's not anymore! They actually changed their defaults and it helped tremendously to reduce the exposure of Redis instances on the Internet.
link