Introduction
Redis is an open-source in-memory data store. It’s used as a flexible, highly available key-value database that maintains a high level of performance.
Apart from its performance and flexibility, Redis stands out with its wide language support, high availability, and automatic partitioning.
In this tutorial, learn how to install Redis on Ubuntu 20.04 / 18.04.
Prerequisites
- A system running Ubuntu 20.04 (or Ubuntu 18.04)
- Access to a terminal window/command line
- Sudo or root privileges on local /remote machines
Install and Secure Redis on Ubuntu
The following steps explain how to install Redis on Ubuntu 20.04. You can also use this guide on Ubuntu 18.04.
Apart from installing and setting up the basic configuration, the guide covers how to add password authentication, bind Redis to localhost and rename dangerous commands.
Step 1: Install Redis
Follow the steps outlined below to install and configure Redis on your Ubuntu system.
1. Start by updating the package repository:
sudo apt update
2. Then, install Redis with the command:
sudo apt install redis-server
Step 2: Configure Redis
1. Once the installation is complete, modify the Redis configuration file. To do so, open the file with a text editor of your choice (we are using nano):
sudo nano /etc/redis/redis.conf
2. Next, find the line specifying the supervised
directive. By default, this line is set to no
. However, to manage Redis as a service, set the supervised directive to systemd (Ubuntu’s init system).
3. Save the changes and close the file.
4. Finally, restart the Redis service by running:
sudo systemctl restart redis.service
Step 3: Verify Redis Installation
To ensure you have set up Redis correctly, test if the service is running. Also, test the connection to the server, and whether you can set a key-value pair.
Step 3.1: Check Redis Service Status
Check the status of the Redis service by running the command:
sudo systemctl status redis
The output should display the service is active (and running), as in the image below.
Step 3.2: Check Redis Connection
You should also verify the connection with the Redis server using the redis-cli tool. To connect with this command-line client, enter the following in the terminal window:
redis-cli
This moves you to the redis-cli command prompt. To test the connectivity, run:
ping
The output should respond with:
PONG
Step 3.3: Test Setting up Key-Value Pairs
Since Redis is an in-memory key-value NoSQL database, you may also want to test whether it retrieves assigned values based on the specified key.
First, set a key using the set command. In this example, the key is labeled as key1
and should have the value of "You have successfully set up a key-value pair!"
.
To do this, run the command:
set key1 "You have successfully set up a key-value pair!"
2. Once you hit Enter, the prompt responds with OK.
3. Now, check whether you have successfully assigned the given value to the key with the get
command:
get key1
4. The output should respond with the message you attached as the value in the first step.
5. To exit out of the Redis shell run:
quit
Note: Redis is incredibly flexible and supports a wide variety of data types. Read our article to learn all about Redis Data Types.
Step 4: Secure Redis
Step 4.1: Set Up Redis Authentication
Redis includes an authentication feature as an additional security layer. The feature is not enabled by default. Therefore, you need to modify the configuration file to activate it.
1. To start, open the Redis configuration file for editing:
sudo nano /etc/redis/redis.conf
2. Then, locate the requirepass
directive under the SECURITY section and uncomment it (by removing #
).
3. Once you have uncommented the line, replace foobared
with the password of your choice.
4. Save and close the file.
5. Restart the Redis service:
sudo systemctl restart redis.service
Once you configure Redis to require authentication, it will refuse any query until you provide the required password.
For example, if you switch to the redis-cli command prompt and try to run the ping test, the output displays the message: (error) NOAUTH Authentication required.
The only way to start working in Redis in such a case is to provide the password defined in the configuration file.
Use the command:
auth [your_password]
If the output responds with OK
you are good to go.
Step 4.2: Bind Redis to Localhost
If you installed the software following the steps outlined above, Redis should only be accessible from localhost. Limiting access in such a way is a matter of network security.
However, you may have changed the default settings and now want to restrict connections to localhost.
To do so, open the Redis configuration file for editing:
sudo nano /etc/redis/redis.conf
Scroll down and find the NETWORK section in the file. Then, uncomment the bind 127.0.0.1 ::1
line (by removing #
), as in the image below.
Once you save and exit the file, make sure to restart the service with:
sudo systemctl restart redis
With this, you have successfully managed to bind Redis to localhost, restricting access to other connections.
Note: If you are new to Redis and looking for a way to easily clear cache or to automate cache clearing, please refer to our guide How To Clear Redis Cache.
Step 4.3: Rename or Kill Dangerous Commands
Another way to protect your data is to disable specific commands or rename them, so they are unguessable. This is a useful security feature that can restrict normal users from using commands that could harm the system.
To disable or rename such commands, open the Redis configuration file:
sudo nano /etc/redis/redis.conf
Locate the SECURITY section and scroll down to the #Command renaming
line. There you can find examples on how to rename or kill commands.
For example, to rename the CONFIG
command, add the line:
rename-command CONFIG [new_command_name]
In this example, the config
command is renamed to sys_admin_config_836
(something a normal user would not be able to guess).
To remove certain commands, you can disable (kill) them. To do this, rename the dangerous command into an empty string.
Therefore, if you want to disable the config
command, add the line:
rename-command CONFIG ""
After you have made these changes, make sure to save the changes, and restart the Redis service.
Conclusion
This tutorial should help you install and set up Redis on your Ubuntu 20.04 (or 18.04). Also, it provided a few tips on securing your Redis data store.
NoSQL databases, like Redis, are meant to run efficiently in distributed clusters that scale out horizontally. Using Docker to deploy Redis in a container makes horizontal scaling a routine, straightforward process.
Đăng ký liền tay Nhận Ngay Bài Mới
Subscribe ngay
Cám ơn bạn đã đăng ký !
Lỗi đăng ký !
Add Comment