Good morning! Thank you for your answers, Dan and Manny.
The variants that you both have told me are great, but in our service,
we can't restrict via IP or VLAN. On the other hand, we will implement
in the near future the "only allow HTTP POSTs".
I have been reading Slashdot this morning. And, to my surprise, I read
this article:
https://linux.slashdot.org/story/16/08/10/237230/linux-trojan-mines-for-cryptocurrency-using-misconfigured-redis-servers
This was the exact thing that happened to me, as I described below. So I
started to search how could I protect myself of this problems. So I
found this page http://redis.io/topics/security that tell us to bind the
Redis listening IP to the loopback interface.
So I searched for the /etc/redis/redis.conf file and it was already set.
So the next step is to configure a password. But here the problem
arises. I will be following this guide
https://www.digitalocean.com/community/tutorials/how-to-secure-your-redis-installation-on-ubuntu-14-04
But the problem is, how can I configure GenieACS to work with a
password-protected Redis? I simply don't know where to apply it, or if
it's going to require new code.
Any guidance? I would appreciate it a lot!
Thank you,
Sergio Fernández
PS. I am trying to reduce space for this message and I deleted the
previous answers.
_______________________________________________
Users mailing list
[email protected]
http://lists.genieacs.com/mailman/listinfo/users
