Possible security attack on redis

Tags:

redis

Running the command redis-server, it returns:

The server is now ready to accept connections on port 6379

Trying to connect in my browser to localhost:6379, I get this message:

Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection aborted.

Can anyone help me fix this error, please?

fatah asked May 04 '17 17:05


People also ask

How secure is Redis?

Redis provides little protection on its own: by default there is no password, traffic is unencrypted, and any client that can reach the port can run any command. Set up a firewall (together with the bind directive) so that only trusted hosts can reach port 6379; a proper firewall configuration blocks all unauthorized incoming traffic. Some commands, such as FLUSHALL, CONFIG or DEBUG, are considered dangerous and could be run by mistake or by an unauthorized user; rename or disable them with rename-command, or restrict them per user with ACLs (Redis 6 and later).

Is Redis insecure?

Security model: Redis is designed to be accessed by trusted clients inside trusted environments. This means that usually it is not a good idea to expose the Redis instance directly to the internet or, in general, to an environment where untrusted clients can directly access the Redis TCP port or UNIX socket.

What is Redis protected mode?

Redis protected mode is a security feature, enabled by default since Redis 3.2, that takes effect when the server is neither bound to specific interfaces (no bind directive) nor protected by a password (no requirepass). In that state the server only answers clients connecting from the loopback interfaces (127.0.0.1 and ::1) or over a UNIX socket; any client connecting from another address receives a DENIED error that explains the situation instead of getting access.

How does Redis authentication work?

The Redis AUTH command is used to authenticate a connection to the server with the given password. If the password matches the one set with requirepass in the configuration file, the server replies with the OK status code and starts accepting commands. Otherwise, an error is returned and the client needs to try again with a different password. Since Redis 6, AUTH also accepts a username and password pair that is checked against the ACL list (the requirepass password applies to the default user). Note that AUTH is sent in clear text unless TLS is configured, and that Redis does not throttle failed attempts, so the password must be long and random enough to resist fast guessing.
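A redis.conf fragment, added here as an example and not taken from the original page, putting the settings that leave an instance exposed beside the hardened ones the answers above describe. The password value is a placeholder to be replaced, and the choice of commands to disable is an assumption about a typical cache deployment:

```conf
# Exposed: reachable from every interface, no password, protected mode off.
# Shown commented out; do not use.
#   bind 0.0.0.0
#   protected-mode no

# Hardened: listen on loopback only, keep protected mode on as a backstop
# (it only applies when no bind and no requirepass are set), and require a
# password. Add a private address after 127.0.0.1 only if the application
# runs on another host, and firewall port 6379 on that host as well.
bind 127.0.0.1
protected-mode yes

# Placeholder value; replace with a long random secret, for example the
# output of: openssl rand -hex 32
requirepass 0123456789abcdef0123456789abcdef

# Dangerous commands: disable them with an empty name, or rename them to an
# unguessable name if an operator still needs them. Which commands to
# disable depends on the deployment; these three are a common choice.
rename-command FLUSHALL ""
rename-command FLUSHDB ""
rename-command CONFIG ""
```

Redis does not support comments after a directive on the same line, so every comment above is on its own line. On Redis 6 and later, ACLs (the acl directive or ACL SETUSER) are the supported way to restrict commands per user, and rename-command is kept only for compatibility.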


1 Answer

You'll need to use a Redis client to connect to Redis, not your browser. Look at this page for a few: https://redis.io/clients, or use redis-cli, or even just plain Telnet.

Itamar Haber answered Sep 20 '22 03:09
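To make the answer concrete, here is an added example (not code from the original post and not Redis's own code) showing what a real Redis client puts on the wire, what a browser puts on the wire when it opens localhost:6379, and a check that mirrors why Redis aborts the browser's connection. The host and port default to 127.0.0.1:6379 as an assumption, and BROWSER_REQUEST is a constructed sample of an HTTP request, not a captured one:

```python
"""Added example: RESP framing versus the HTTP request a browser sends, and
the cross-protocol guard Redis applies to it. Assumptions are labelled in
the comments; nothing here is taken from the original post."""
import socket


def resp_command(*args):
    """Encode a command as a RESP array of bulk strings. This is what
    redis-cli and the client libraries actually send, e.g. PING becomes
    b"*1\r\n$4\r\nPING\r\n"."""
    parts = [b"*%d\r\n" % len(args)]
    for arg in args:
        data = arg.encode() if isinstance(arg, str) else arg
        parts.append(b"$%d\r\n%s\r\n" % (len(data), data))
    return b"".join(parts)


# Constructed sample of what a browser sends when you open
# http://localhost:6379/ (an HTTP request, not a Redis command).
BROWSER_REQUEST = (
    b"GET / HTTP/1.1\r\n"
    b"Host: localhost:6379\r\n"
    b"User-Agent: Mozilla/5.0\r\n"
    b"Accept: */*\r\n"
    b"\r\n"
)


def inline_command_names(raw):
    """Redis also accepts an 'inline' protocol: one command per line, words
    separated by spaces. Return the first word of each non-empty line, which
    is what Redis takes as the command name."""
    return [line.split(b" ", 1)[0] for line in raw.split(b"\r\n") if line]


def looks_like_cross_protocol(raw):
    """Mirror the guard Redis applies: POST and Host: are registered as
    pseudo-commands that log the 'Possible SECURITY ATTACK detected' warning
    and close the connection. No Redis client ever sends them, while every
    HTTP request aimed at the port does. Command lookup is case-insensitive."""
    return any(name.lower() in (b"post", b"host:")
               for name in inline_command_names(raw))


def parse_reply(raw):
    """Decode the single-value RESP replies met first in practice: +status,
    -error (e.g. -NOAUTH, or -DENIED from protected mode), :integer and
    $bulk. Returns a (kind, value) tuple."""
    kind, body = raw[:1], raw[1:]
    line = body.split(b"\r\n", 1)[0]
    if kind == b"+":
        return ("status", line.decode())
    if kind == b"-":
        return ("error", line.decode())
    if kind == b":":
        return ("int", int(line))
    if kind == b"$":
        length = int(line)
        if length < 0:
            return ("bulk", None)   # $-1 is the nil bulk reply
        rest = body.split(b"\r\n", 1)[1]
        return ("bulk", rest[:length].decode())
    raise ValueError("unsupported reply: %r" % raw)


def send_command(*args, host="127.0.0.1", port=6379, timeout=2.0):
    """Send one command to a live Redis over a raw socket and return the
    parsed reply. host/port are assumed defaults; this needs network access,
    so it is only exercised from the main block below."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(resp_command(*args))
        return parse_reply(sock.recv(4096))


if __name__ == "__main__":
    print("client sends: ", resp_command("PING"))
    print("browser sends:", BROWSER_REQUEST)
    print("Redis aborts the browser:", looks_like_cross_protocol(BROWSER_REQUEST))
    try:
        print("live reply:", send_command("PING"))
    except OSError as exc:
        print("no Redis reachable on 127.0.0.1:6379:", exc)
```

Sending the browser request line by line to Redis makes the sequence visible: "GET / HTTP/1.1" is parsed as the GET command with the wrong number of arguments, and the next line, "Host: localhost:6379", hits the Host: pseudo-command that produces the warning from the question and drops the connection. A client that speaks RESP (redis-cli, or send_command above) never triggers it; if the instance has requirepass set, the first reply will be a -NOAUTH error until AUTH is sent.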