Open bonesoul opened 10 years ago
Would love to see this one implemented as well.
you can use nano /etc/redis/6379.conf and bind address 127.0.0.1 a simple solution.
sorry to say - but 127.0.0.1 is stupid, limited to single box spike, not a solution :-( :boom: We running multi-node pool over 6 servers. Power of Redis is network distribution storage with replications slave-master - localhost is cave for redis. @raistlinthewiz @UnicusSum - Ok, will do this patch to master tree. I'm already using it in own fork.
Good idea hıııh :)
@sysmanalex any progress?
Good idea
@UnicusSum : sorry was too busy. We are using own fork, I doesn't have time to port it to main tree. Just submit changes.
Note: Be aware, redis password is not protection, because of the high performance nature of redis, it is still possible to perform brute-force attack, trying a lot of passwords in very short time.
I would ultimately like to see Redis removed and a real database like MySQL/MariaDB/Etc. be used to take the data out of the RAM and put it on disk with the most frequently used data in memory, obviously managed by the database.
I was going to do it myself, then I got lazy and decided to wait for Pexa pool software to be released.
However until then I could be pacified with a password for redis
For now I use UFW to block the port but allow a certain IP to access it.
ufw deny 6379 ufw allow from 128.123.8.125
Note: if you have a firewall/router outside your PC you need to allow the port through still on the other firewalls - or whitelist all connections from the specific IP address.
So we can further improve the security of the redis-server.