How do I secure my Redis server?

Linode Staff

I want to install some software for the server to open to the intranet, but I find that it seems that it is not my linode node that can also access my intranet linode. How can I avoid this situation? For example, one of my redis servers provides services to the intranet, but because there is no password set, what if someone connects maliciously? How do I set it up?

1 Reply

First you should secure your Linode by doing the following:

  • Update your system frequently (setting up automatic security updates is a good idea)
  • Add a limited user account
  • Disable remote root access
  • Install and configure Fail2ban
  • Configure a firewall

The steps above are applicable to any Linode you deploy, but Redis servers require a bit more securing. If you have not already, you definitely want to setup a firewall and you probably want to do that with iptables. You can also encrypt your Redis traffic by using an SSH tunnel or the methods described in the Redis Security documentation. It's also a good idea to setup your Redis server to only listen for connections on the localhost interface or your Linode's private IP address.

We also have a Redis guide with more detailed information on installing a Redis server that you might find helpful.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct