redis installation introduction
Article directory
1. redis installation
1. Check whether gcc is installed before installation
2. Install redis
Download redis
http://download.redis.io/releases/redis-6.2.9.tar.gz
Unzip and install
tar -zxvf redis-6.2.9.tar.gz
cd redis-6.2.9
make
make test
make install
3. Start redis
cd redis-6.2.9/src
./redis-server
ps -ef|grep redis
The service has been started.
Enter the redis client.
2. Modify Redis unauthorized access vulnerability
1. Modify redis.conf
Redis is an open source log-type Key-Value database written in ANSI C language, supports network, can be memory-based and persistent, and provides APIs in multiple languages.
There is an unauthorized access vulnerability in Redis. An attacker can use this vulnerability to execute arbitrary code without authorized access to Redis and obtain the permissions of the target server.
- Set password access authentication and set a complex password by modifying "requirepass" in the redis.conf configuration file;
- Configure the firewall to prohibit the Redis service from being opened to the public network;
- Modify the redis.conf configuration file to restrict access to the IP address of the Redis server (bind 127.0.0.1 or specified IP, based on actual business judgment);
vi redis.conf
Find the requirepass parameter, delete the comment, and add the corresponding access password
. Find the bind parameter and set restrictions on access to the redis server IP.
2. Restart redis
nohup ./redis-server redis.conf >output 2>&1 &
Stop service:
Log in to redis-cli authentication to set a password
[root@localhost src]# ./redis-cli
127.0.0.1:6379> get key
(error) NOAUTH Authentication required.
127.0.0.1:6379> AUTH 123456
OK
127.0.0.1:6379> get key
(nil)
127.0.0.1:6379>