redis Security Management

Database 2019-06-24 19:30:17 views: null

Redis is no default password, and can only access this machine. Use redis-cli later on even execute arbitrary commands. If you want to open outside the network connection, you need to set a password, while disabling dangerous commands or dangerous commands renamed.


1. Set a password
    (1) Open Redis configuration file, search for the keyword "requirepass"
    (2) the "requirepass" comment this line removed, "foobared" this line is the default password, you can change your password
    (3 ) and restart Redis save profile, it can be found even after the redis-cli Redis can not be used properly
    (4) to normal use Red is, when it is necessary to add a re dis-cl i connected "- a" parameter
        redis - cli -a password
2. open the external network access
    (1) open the configuration file, search for "bind" to find the location of the configuration of the network
    (2) connected to this line of official comment, Redis can be accessed from outside the network
    • in redis-cli in If you want to access Redis outside the network, you need to specify the address and port in the following format:
        Redis Redis-cli -h -a address -p port password
        for example:
            Redis-cli -a -h 192.168.2.10 -p 3129 kingnameisgenius163
    • in Python, Redis order to access the external network, need to change the code:
        Import Redis
        Client = redis.Redis (= Host '192.163.2.10', Port = 3129, password = 'kingnameisgenius')


Disable dangerous command:

    Redis is enabled by default in some commands very high authority. Using these commands, ranging from empty Redis, re-write directly *** mining and even SSH Key public key to control the server.
    Redis by modifying the configuration file, some dangerous commands can be renamed or disabled, thereby reducing security risks.

    (1) Open Redis configuration file and add the following lines:
        the rename-the Command CONFIG ""
        the rename-the Command FLUSHDB sfjafjfaerawe
        the rename-the Command flushAll IWERDF
        the rename-the Command PEXPIRE OKASETTW
        the rename-the Command SHUTDOWN ""
        the rename-the Command BGREWRITEAOF SEWERWEFSDF
        the rename-the Command bgsave ASDFPEWE
        the rename the SAVE-command ASDFKLEWE
        the rename command-the DEBUG ""
    (2) if the command to rename the empty string, disable command.
    For some commands more dangerous but may be used, it can be renamed; for some particularly dangerous commands can be disabled.

Guess you like

Origin blog.51cto.com/5660061/2412501
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com