SECURITY section:
1. Password setting:
# Require clients to issue AUTH <PASSWORD> before processing any other
# commands. This might be useful in environments in which you do not trust
# others with access to the host running redis-server.
#
# This should stay commented out for backward compatibility and because most
# people do not need auth (e.g. they run their own servers).
#
# Warning: since Redis is pretty fast an outside user can try up to
# 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break.
#
requirepass foobared
# Command renaming.
#
# It is possible to change the name of dangerous commands in a shared
# environment. For instance the CONFIG command may be renamed into something
# hard to guess so that it will still be available for internal-use tools
# but not available for general clients.
#
# Example:
#
# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52
#
# It is also possible to completely kill a command by renaming it into
# an empty string:
#
# rename-command CONFIG ""
#
# Please note that changing the name of commands that are logged into the
# AOF file or transmitted to replicas may cause problems.
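Clients are required to issue AUTH <PASSWORD> before any other command is processed. This can be useful in environments where you do not trust others who have access to the host running redis-server.
For backward compatibility, and because most people do not need auth (for example, they run their own servers), this should stay commented out.
Warning: because Redis is quite fast, an outside user can try up to 150k passwords per second against a good machine. This means you should use a very strong password; otherwise it will be very easy to break.
In a shared environment, the names of dangerous commands can be changed. For example, the CONFIG command can be renamed to something hard to guess, so that it remains available to internal-use tools but not to general clients.
A command can also be disabled completely by renaming it to an empty string.
Note that changing the names of commands that are logged to the AOF file or transmitted to replicas may cause problems.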
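An added example (not part of the original page or of Redis itself): a small Python check that reads redis.conf text, flags an unset or sample `requirepass`, estimates worst-case exhaustion time at the 150k guesses per second quoted above, and notes renames of commands that reach the AOF or replicas. The `PROPAGATED` list, the character-pool estimate and the `min_days` threshold are assumptions made for the illustration.

```python
import shlex

RATE = 150_000  # guesses per second, the figure quoted in the redis.conf warning
# Assumption: a small sample of write commands that reach the AOF and replicas.
PROPAGATED = {"SET", "DEL", "FLUSHDB", "FLUSHALL"}

def parse(conf_text):
    """Return (requirepass value or None, {COMMAND: new name}) from redis.conf text."""
    password, renames = None, {}
    for line in conf_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # blank line or commented-out directive
        parts = shlex.split(line)
        if parts[0].lower() == "requirepass" and len(parts) == 2:
            password = parts[1]
        elif parts[0].lower() == "rename-command" and len(parts) == 3:
            renames[parts[1].upper()] = parts[2]  # "" means the command is disabled
    return password, renames

def exhaust_days(password, rate=RATE):
    """Rough worst case: whole days to try every string of this length
    over the character classes the password uses (assumed pool sizes)."""
    pool = 26 * any(c.islower() for c in password)
    pool += 26 * any(c.isupper() for c in password)
    pool += 10 * any(c.isdigit() for c in password)
    pool += 32 * any(not c.isalnum() for c in password)
    return pool ** len(password) // (rate * 86400)  # integer math, no float overflow

def audit(conf_text, min_days=36500):
    """Return a list of findings for the SECURITY directives in conf_text."""
    findings = []
    password, renames = parse(conf_text)
    if password is None:
        findings.append("requirepass is not set: clients are never asked for AUTH")
    elif password == "foobared":
        findings.append("requirepass is still the sample value from redis.conf")
    elif exhaust_days(password) < min_days:
        findings.append(f"requirepass can be exhausted in about {exhaust_days(password)} days")
    for cmd in sorted(renames):
        if cmd in PROPAGATED:
            findings.append(f"{cmd} is renamed but is logged to the AOF / sent to replicas")
    return findings

# Constructed sample input, not taken from a real deployment.
SAMPLE = 'requirepass foobared\nrename-command CONFIG ""\nrename-command FLUSHALL f1\n'

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

An eight-letter lowercase password comes out at about 16 days of guessing at that rate, which is why the warning asks for a very strong one.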