参考:https://redis.io/topics/security
Protected mode
Unfortunately many users fail to protect Redis instances from being accessed from external networks. Many instances are simply left exposed on the internet with public IPs. For this reasons since version 3.2.0, when Redis is executed with the default configuration (binding all the interfaces) and without any password in order to access it, it enters a special mode called protected mode. In this mode Redis only replies to queries from the loopback interfaces, and reply to other clients connecting from other addresses with an error, explaining what is happening and how to configure Redis properly.
We expect protected mode to seriously decrease the security issues caused by unprotected Redis instances executed without proper administration, however the system administrator can still ignore the error given by Redis and just disable protected mode or manually bind all the interfaces.
Redis 从 3.2 开始加强安全管理,如果 redis 没有设置密码,那么 redis 客户端只能从本地进行访问,如果是从其他机器连接过来访问的,就会报错误。
保护模式下,可以查看参数 protected-mode 值为 yes
解决办法
- 为 Redis 设置密码
- 将
protected-mode值设置为为 no1
config set protected-mode no