Open Redis port for remote connections

I can ping pong Redis on the server:

# redis-cli ping
PONG

But remotely, I got problems:

$ src/redis-cli -h REMOTE.IP ping
Could not connect to Redis at REMOTE.IP:6379: Connection refused

In config, I got the standard port:

# Accept connections on the specified port, default is 6379.
# If port 0 is specified Redis will not listen on a TCP socket.
port 6379

So maybe I should open port 6379 on the remote Ubuntu machine? How do I do it?

3

10 Answers

Did you set the bind option to allow remote access on the redis server?

Before (file /etc/redis/redis.conf)

bind 127.0.0.1

After

bind 0.0.0.0

and run sudo service redis-server restart to restart the server. If that's not the problem, you might want to check any firewalls that might block the access.

Important: If you don't use a firewall (iptables, ufw..) to control who connects to the port in use, ANYONE can connect to this Redis instance. Without using Redis' AUTH that means anyone can access/change/delete your data. Be safe!

6

For me, I needed to do the following:

1- Comment out bind 127.0.0.1

2- Change protected-mode to no

3- Protect my server with iptables ()

1

Bind & protected-mode both are the essential steps. But if ufw is enabled then you will have to make redis port allow in ufw.

  1. Check ufw status ufw status if Status: active then allow redis-port ufw allow 6379
  2. vi /etc/redis/redis.conf
  3. Change the bind 127.0.0.1 to bind 0.0.0.0
  4. change the protected-mode yes to protected-mode no
2

A quick note that doing this without further securing your Redis server is not a good idea as it can leave you open to attack. Be sure to also implement AUTH or otherwise secure that. See for details.

1- Comment out bind 127.0.0.1

2- set requirepass yourpassword

then check if the firewall blocked your port

iptables -L -n

service iptables stop

A quick note that if you are using AWS ec2 instance then there is one more extra step that I believe is also mandatory. I missed the step-3 and it took me whole day to figure out to add an inbound rule to security group

Step 1(as previous): in your redis.conf change bind 127.0.0.1 to bind 0.0.0.0

Step2(as previous): in your redis.conf change protected-mode yes to protected-mode no

important for Amazon Ec2 Instance:

Step3: In your current ec2 machine go to the security group. add an inbound rule for custom TCP with 6379 port and select option "use from anywhere".

  1. Open the file at location /etc/redis.conf

  2. Comment out bind 127.0.0.1

  3. Restart Redis:

     sudo systemctl start redis.service
  4. Disable Firewalld:

     systemctl disable firewalld
  5. Stop Firewalld:

     systemctl stop firewalld

Then try:

redis-cli -h 192.168.0.2(ip) -a redis(username)
  1. Open $REDIS_HOME/redis.conf and uncomment requirepass -YOUR-PASSWORD-HERE- and write down your password in the specified lines.

  2. Login to redis using redis-cli and verify your password in the database using auth -YOUR-PASSWORD-HERE- command.

  3. Disable protected mode by changing its string in $REDIS_HOME/redis.conf to protected-mode no.

  4. Search for all bind ports values and comment all of them. Just add bind 0.0.0.0 to $REDIS_HOME/redis.conf file.

  5. Disable your firewall or open redis port.

  6. Start redis using ./redis-server $REDIS_HOME/redis.conf.

  7. Check the configuration via ./redis-cli -h -YOUR-IP- -a -YOUR-PASSWORD-HERE-.

  8. Check the configuration via ./redis-cli -h -YOUR-IP- ping.
1

Another possibly helpful note.

Redis can be bound to multiple IPs - that's very helpful when you don't want to open it to entire world (0.0.0.0) but only make it accessible in local networks.

  1. sudo nano /etc/redis/redis.conf
  2. add your local network IP to the end of bind setting:

bind 127.0.0.1 10.0.0.1

  1. restart the service: sudo service redis-server restart

Now you can easily access redis from other computers in same network, e.g.redis-cli -h 10.0.0.1

1

In my case, I'm using redis-stable

Go to redis-stable path cd /home/ubuntu/software/redis-stable

Open the redis.conf

vim redis.conf

Change the bind 127.0.0.1 to bind 0.0.0.0

change the protected-mode yes to protected-mode no

Restart the redis-server:

/etc/init.d/redis-server stop redis-server redis.conf

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

You Might Also Like