Redis serves as a swiss-army-knife for all things data, queue, logs and more. This means it is more than probable that data in Redis is sensitive and requires proper security around it.
Redis is currently configured to listen to
0.0.0.0. Binding to world (
0.0.0.0) can be dangerous in cases where the hosting machine is exposed, and in general it indicates a non-minimal security posture which can cause other unexpected exposures.
Since you have
protected-mode no your Redis instance is vulnerable. It is strongly recommended to set
Updated 4 days ago