After installing Redis 3.2, access is blocked. Security has been tightened.


$ telnet 1.2.3.4 6379


Escape character is '^]'.

-DENIED Redis is running in protected mode because protected mode is enabled, no bind address was specified, no authentication password is requested to clients. In this mode connections are only accepted from the loopback interface. If you want to connect from external computers to Redis you may adopt one of the following solutions: 1) Just disable protected mode sending the command 'CONFIG SET protected-mode no' from the loopback interface by connecting to Redis from the same host the server is running, however MAKE SURE Redis is not publicly accessible from internet if you do so. Use CONFIG REWRITE to make this change permanent. 2) Alternatively you can just disable the protected mode by editing the Redis configuration file, and setting the protected mode option to 'no', and then restarting the server. 3) If you started the server manually just for testing, restart it with the '--protected-mode no' option. 4) Setup a bind address or an authentication password. NOTE: You only need to do one of the above things in order for the server to start accepting connections from the outside.

Connection closed by foreign host.




If you use the HA feature, the HA application must be able to connect to check that Redis is working properly. To allow this, run redis-cli on localhost and execute CONFIG SET protected-mode no to enable external access.


$ redis-cli

> CONFIG SET protected-mode no


Redis is now reachable from outside, so the HA application can connect.


$ telnet 1.2.3.4 6379

Escape character is '^]'.

OK



Access now works normally.



To keep protected mode from taking effect from the start, add the following to redis.conf.


bind 0.0.0.0


This setting means that connections are allowed in from any IP.
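The three conditions named in the -DENIED message can be checked against a redis.conf before deployment to see who will be able to reach the instance. The following is an added example, not part of the original post or of Redis itself; the function names and sample configurations are constructed, and it assumes the Redis 3.2 rule quoted in the message (protected mode applies only when it is enabled, no bind address is set, and no password is set).

```python
# Added example (not from the original post). Mirrors the Redis 3.2 rule
# quoted in the -DENIED message above.
LOOPBACK = {"127.0.0.1", "::1"}

def parse_conf(text):
    """Map each redis.conf directive to its argument list (last one wins)."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):
            name, *args = line.split()
            conf[name.lower()] = [a.strip("\"'") for a in args]
    return conf

def assess(text):
    """Classify who can reach the instance: loopback-only, remote-no-auth, remote-with-auth."""
    conf = parse_conf(text)
    protected = (conf.get("protected-mode") or ["yes"])[0].lower() == "yes"  # 3.2 default
    binds = conf.get("bind") or []          # no bind line: listens on all interfaces
    has_auth = bool((conf.get("requirepass") or [""])[0])
    if protected and not binds and not has_auth:
        return "loopback-only"              # protected mode rejects other clients
    if binds and all(addr in LOOPBACK for addr in binds):
        return "loopback-only"
    return "remote-with-auth" if has_auth else "remote-no-auth"

# Constructed sample configurations.
SAMPLES = {
    "fresh 3.2 install": "",
    "after CONFIG SET + CONFIG REWRITE": "protected-mode no\n",
    "bind all interfaces": "bind 0.0.0.0\n",
    "internal address + password": "bind 10.0.0.5\nrequirepass example-long-random-secret\n",
}

if __name__ == "__main__":
    for label, text in SAMPLES.items():
        print(f"{label:36} -> {assess(text)}")
```

A `remote-no-auth` result is the state the message warns about: make sure such an instance is not reachable from the internet, or set a bind address on an internal interface together with a password.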



Reference: https://redis.io/topics/security

Posted by '김용환'