Redis Server Password
Description
General
- Documentation: https://redis.io/documentation
- Summary: Redis is a distributed in-memory key-value database. This detector aims at catching Redis passwords leaked in CLI. Typically the password is the one used when setting up the server with the
redis-servercommand. - IPs allowlist: IP allowlisting can and should be implemented on the server hosting the Redis instance. Refer to this security documentation for more details.
- Scopes: By default Redis does not implement Access Control. Yet, an authorization layer can be set when configuring Redis. Since Redis 6, a real Access Control List can be set to attribute different scopes to different users. Before this, a single password gave full access to the database. See this ACL documentation for more details on the topic.
Revoke the secret
Redis supports the DELUSER command to both delete the specified users and terminate all their connections.
Check for suspicious activity
Suspicious activity can be detected by auditing Redis log files.
Details for Redis CLI Password
-
Family: identifiers
-
Category: data_storage
-
Company: Redis
-
High recall: False
-
Validity check available: False
-
Analyzer available: False
-
Minimum number of matches: 1
-
Occurrences found for one million commits: 10.4
-
Prefixed: False
-
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- redis-server
- type: ContentWhitelistPreValidator
patterns:
- --requirepass
Examples
- text: |
redis:
image: redis:alpine
restart: always
command: /bin/sh -c "redis-server --requirepass ltr6qpi@55"
password: ltr6qpi@55
