Valkey: Improve Valkey security
This documentation is part of the Getting Started guide. You can view the complete guide here: Quick Guide to Getting Started with Valkey.
👋 Welcome to the Stackhero documentation!
Stackhero offers a ready-to-use Valkey cloud solution that provides a host of benefits, including:
Redis Commanderweb UI included.- Unlimited message size and transfers.
- Effortless updates with just a click.
- Optimal performance and robust security powered by a private and dedicated VM.
Save time and simplify your life: it only takes 5 minutes to try Stackhero's Valkey cloud hosting solution!
Enhancing the security of your Valkey setup is crucial. Here are two important measures you can implement to maximize security.
Encrypt communications with Valkey (TLS)
By default, Valkey does not encrypt communications. However, on Stackhero, TLS encryption is provided out of the box.
To leverage this feature, simply configure your Valkey client to use TLS encryption and connect to your instance using the port <PORT_TLS>, instead of the non-encrypted <PORT_CLEAR>.
The great news is that you do not need to worry about additional setup, we have prepared everything for you.
Protect your Valkey from brute force attacks
Your Valkey instance is safeguarded with a strong, automatically predefined password by Stackhero. If you decide to change it, ensure the password is extremely complex.
Valkey is swift and, unfortunately, lacks built-in brute force attack protection. An attacker could potentially attempt up to 150,000 password combinations per second.
To mitigate this, passwords must be at least 16 characters long (4.5231285e+74 possibilities), and by default, we set a 64-character password (9.61963e+111 possibilities!).
For added security and to effectively thwart brute force attempts, it is advisable to configure Stackhero's firewall (accessible in the "Firewall" tab) to restrict connections to only your IP addresses. This is a critical step that will significantly bolster your security!