Redis

How to Install and Secure Redis on Ubuntu 24.04

Redis is an advanced key-value store that is widely used for caching, real-time analytics, and as a message broker. Its speed, simplicity, and data structure flexibility make it an excellent choice for application developers. However, like any other database, proper installation and security measures are essential for a robust deployment. In this post, we’ll guide you through the process of installing and securing Redis on Ubuntu 24.04.

Prerequisites

Before you begin, you should have:

  1. A server running Ubuntu 24.04.
  2. A non-root user with sudo privileges.
  3. Basic knowledge of the Linux command line.

Step 1: Update your System

Start by ensuring that your system is up to date. Run the following commands:

sudo apt update
sudo apt upgrade -y

Step 2: Install Redis

  1. Install Redis using the default package manager.
   sudo apt install redis-server -y
  1. Verify the installation by checking the Redis service status:
   sudo systemctl status redis

You should see output indicating that Redis is active and running.

Step 3: Configure Redis

Next, you’ll want to adjust the Redis configuration to suit your needs for performance and security. The main configuration file is located at /etc/redis/redis.conf.

  1. Open the Redis configuration file:
   sudo nano /etc/redis/redis.conf
  1. Modify the following settings:
  • Set a password: Find the line that starts with # requirepass foobared and change it to: requirepass your_secure_password
  • Change the binding address: By default, Redis may be accessible from any IP address. To limit access, set the bind option. You can bind it to 127.0.0.1 (only accessible from the localhost) or specify your server’s IP address. Replace the line with: bind 127.0.0.1
  • Set a protected mode: Ensure that protected mode is enabled (it should be by default): protected-mode yes
  1. Save and exit the file (for nano, press CTRL + X, then Y, and hit Enter).
  2. Restart Redis to apply the changes:
   sudo systemctl restart redis

Step 4: Enable Redis to Start on Boot

To ensure that Redis starts automatically when your server reboots, run the following command:

sudo systemctl enable redis

Step 5: Secure Redis

While you’ve made some crucial configuration changes, it’s essential to implement additional security measures:

  1. Use a firewall: If you haven’t already, configure a firewall using ufw to restrict access.
   sudo ufw allow 22/tcp  # Allow SSH access
   sudo ufw allow 6379/tcp  # Allow Redis access (only if needed)
   sudo ufw enable

Consider only allowing specific IP addresses to access Redis if you must expose it on the network.

  1. Disable remote access: As mentioned earlier, it’s best to bind Redis to localhost if it’s not necessary for external applications.
  2. Update Redis frequently: Regularly check for security updates for Redis itself and apply them as needed.
  3. Consider Using TLS/SSL: If you need to access Redis over a public network, consider using a secure tunnel or enabling TLS to encrypt data transmitted between your applications and the Redis server.
  4. Monitor and Log Redis Activity: Keep an eye on your Redis logs to detect any unauthorized access or irregular activity. You can configure Redis to log client connections and commands.

Conclusion

Congratulations! You have successfully installed and secured Redis on Ubuntu 24.04. By following these steps, you can ensure that your Redis server is optimized for performance and protected against unauthorized access. Redis is a powerful tool, and with the right configuration and security measures, it can greatly enhance the performance of your applications.

Do you want to explore more about Redis, or have any questions? Leave your comments below!

Happy Coding!