Memcached / redis

May I suggest you to configure redis in a more secure way ?
like

  1. adding a password to access redis
  2. not getting access to everyone by using a group to redis service
  3. and for more speed and security using the socket instead of the TCP port

[[ -z $REDISPWD ]] &&
REDISPWD=$(openssl rand --base64 24)
sed 's ^port.* port 0 ’ -i /etc/redis/redis.conf
sed 's ^# unixsocket .* unixsocket /var/run/redis/redis.sock ’ -i /etc/redis/redis.conf
sed 's ^# unixsocketperm .* unixsocketperm 770 ’ -i /etc/redis/redis.conf
sed "s ^# requirepass .* requirepass $REDISPWD " -i /etc/redis/redis.conf
for hUSER in $(grep hestia /etc/group cut -d: -f4 sed ‘s/,/ /g’); do
usermod -aG redis $hUSER; done
systemctl restart redis
ref

so at the end your apps will access redis like this
nextcloud as an example

6 Likes