I can ping pong Redis on the server:
# redis-cli ping
PONGBut remotely, I got problems:
$ src/redis-cli -h REMOTE.IP ping
Could not connect to Redis at REMOTE.IP:6379: Connection refusedIn config, I got the standard port:
# Accept connections on the specified port, default is 6379.
# If port 0 is specified Redis will not listen on a TCP socket.
port 6379So maybe I should open port 6379 on the remote Ubuntu machine? How do I do it?
310 Answers
Did you set the bind option to allow remote access on the redis server?
Before (file /etc/redis/redis.conf)
bind 127.0.0.1After
bind 0.0.0.0and run sudo service redis-server restart to restart the server. If that's not the problem, you might want to check any firewalls that might block the access.
Important: If you don't use a firewall (iptables, ufw..) to control who connects to the port in use, ANYONE can connect to this Redis instance. Without using Redis' AUTH that means anyone can access/change/delete your data. Be safe!
For me, I needed to do the following:
1- Comment out bind 127.0.0.1
2- Change protected-mode to no
3- Protect my server with iptables ()
Bind & protected-mode both are the essential steps. But if ufw is enabled then you will have to make redis port allow in ufw.
- Check ufw status
ufw statusifStatus: activethen allow redis-portufw allow 6379 vi /etc/redis/redis.conf- Change the
bind 127.0.0.1tobind 0.0.0.0 - change the
protected-mode yestoprotected-mode no
A quick note that doing this without further securing your Redis server is not a good idea as it can leave you open to attack. Be sure to also implement AUTH or otherwise secure that. See for details.
1- Comment out bind 127.0.0.1
2- set requirepass yourpassword
then check if the firewall blocked your port
iptables -L -n
service iptables stop
A quick note that if you are using AWS ec2 instance then there is one more extra step that I believe is also mandatory. I missed the step-3 and it took me whole day to figure out to add an inbound rule to security group
Step 1(as previous): in your redis.conf change bind 127.0.0.1 to bind 0.0.0.0
Step2(as previous): in your redis.conf change protected-mode yes to protected-mode no
important for Amazon Ec2 Instance:
Step3: In your current ec2 machine go to the security group. add an inbound rule for custom TCP with 6379 port and select option "use from anywhere".
Open the file at location
/etc/redis.confComment out
bind 127.0.0.1Restart Redis:
sudo systemctl start redis.serviceDisable Firewalld:
systemctl disable firewalldStop Firewalld:
systemctl stop firewalld
Then try:
redis-cli -h 192.168.0.2(ip) -a redis(username) Open $REDIS_HOME/redis.conf and uncomment
requirepass -YOUR-PASSWORD-HERE-and write down your password in the specified lines.Login to redis using redis-cli and verify your password in the database using
auth -YOUR-PASSWORD-HERE-command.Disable protected mode by changing its string in $REDIS_HOME/redis.conf to
protected-mode no.Search for all bind ports values and comment all of them. Just add
bind 0.0.0.0to $REDIS_HOME/redis.conf file.Disable your firewall or open redis port.
Start redis using
./redis-server $REDIS_HOME/redis.conf.Check the configuration via
./redis-cli -h -YOUR-IP- -a -YOUR-PASSWORD-HERE-.- Check the configuration via
./redis-cli -h -YOUR-IP- ping.
Another possibly helpful note.
Redis can be bound to multiple IPs - that's very helpful when you don't want to open it to entire world (0.0.0.0) but only make it accessible in local networks.
sudo nano /etc/redis/redis.conf- add your local network IP to the end of
bindsetting:
bind 127.0.0.1 10.0.0.1
- restart the service:
sudo service redis-server restart
Now you can easily access redis from other computers in same network, e.g.redis-cli -h 10.0.0.1
In my case, I'm using redis-stable
Go to redis-stable path cd /home/ubuntu/software/redis-stableOpen the redis.conf
vim redis.confChange the
bind 127.0.0.1tobind 0.0.0.0change the
protected-mode yestoprotected-mode noRestart the redis-server:
/etc/init.d/redis-server stop redis-server redis.conf