为远程连接打开Redis端口

Question

I can ping pong Redis on the server:

# redis-cli ping
PONG

But remotely, I got problems:

$ src/redis-cli -h REMOTE.IP ping
Could not connect to Redis at REMOTE.IP:6379: Connection refused

In config, I got the standard port:

# Accept connections on the specified port, default is 6379.
# If port 0 is specified Redis will not listen on a TCP socket.
port 6379

So maybe I should open port 6379 on the remote Ubuntu machine? How do I do it?

Answer 1

Did you set the bind option to allow remote access on the redis server?

Before (file /etc/redis/redis.conf )

bind 127.0.0.1

After

bind 0.0.0.0

and run sudo service redis-server restart to restart the server. If that's not the problem, you might want to check any firewalls that might block the access.

Important: If you don't use a firewall (iptables, ufw..) to control who connects to the port in use, ANYONE can connect to this Redis instance. Without using Redis' AUTH that means anyone can access/change/delete your data. Be safe!

Answer 2

For me, I needed to do the following:

1- Comment out bind 127.0.0.1

2- Change protected-mode to no

3- Protect my server with iptables ( https://www.digitalocean.com/community/tutorials/how-to-implement-a-basic-firewall-template-with-iptables-on-ubuntu-14-04 )

Answer 3

A quick note that doing this without further securing your Redis server is not a good idea as it can leave you open to attack. Be sure to also implement AUTH or otherwise secure that. See http://redis.io/topics/security for details.

Answer 4

1- Comment out bind 127.0.0.1

2- set requirepass yourpassword

then check if the firewall blocked your port

iptables -L -n

service iptables stop

Answer 5

1. Open $REDIS_HOME/redis.conf and uncomment requirepass -YOUR-PASSWORD-HERE- and write down your password in the specified lines.

2. Login to redis using redis-cli and verify your password in the database using auth -YOUR-PASSWORD-HERE- command.

3. Disable protected mode by changing its string in $REDIS_HOME/redis.conf to protected-mode no .

4. Search for all bind ports values and comment all of them. Just add bind 0.0.0.0 to $REDIS_HOME/redis.conf file.

5. Disable your firewall or open redis port.

6. Start redis using ./redis-server $REDIS_HOME/redis.conf .

7. Check the configuration via ./redis-cli -h -YOUR-IP- -a -YOUR-PASSWORD-HERE- .

8. Check the configuration via ./redis-cli -h -YOUR-IP- ping .

Answer 6

A quick note that if you are using AWS ec2 instance then there is one more extra step that I believe is also mandatory. I missed the step-3 and it took me whole day to figure out to add an inbound rule to security group

Step 1(as previous): in your redis.conf change bind 127.0.0.1 to bind 0.0.0.0

Step2(as previous): in your redis.conf change protected-mode yes to protected-mode no

important for Amazon Ec2 Instance:

Step3: In your current ec2 machine go to the security group. add an inbound rule for custom TCP with 6379 port and select option "use from anywhere".

Answer 7

1. Open the file at location /etc/redis.conf

2. Comment out bind 127.0.0.1

3. Restart Redis:

    sudo systemctl start redis.service

4. Disable Firewalld:

    systemctl disable firewalld

5. Stop Firewalld:

    systemctl stop firewalld

Then try:

redis-cli -h 192.168.0.2(ip) -a redis(username)

Answer 8

In my case, I'm using redis-stable

Go to redis-stable path 
 cd /home/ubuntu/software/redis-stable

Open the redis.conf

vim redis.conf

Change the bind 127.0.0.1 to bind 0.0.0.0

change the protected-mode yes to protected-mode no

Restart the redis-server:

/etc/init.d/redis-server stop
 redis-server redis.conf

Answer 9

Bind & protected-mode both are the essential steps. But if ufw is enabled then you will have to make redis port allow in ufw.

1. Check ufw status ufw status if Status: active then allow redis-port ufw allow 6379
2. vi /etc/redis/redis.conf
3. Change the bind 127.0.0.1 to bind 0.0.0.0
4. change the protected-mode yes to protected-mode no

Answer 10

Another possibly helpful note.

Redis can be bound to multiple IPs - that's very helpful when you don't want to open it to entire world ( 0.0.0.0 ) but only make it accessible in local networks.

1. sudo nano /etc/redis/redis.conf
2. add your local network IP to the end of bind setting:

bind 127.0.0.1 10.0.0.1

3. restart the service: sudo service redis-server restart

Now you can easily access redis from other computers in same network, eg redis-cli -h 10.0.0.1