Redis®*: Enhancing Redis security
This documentation is part of the Getting started guide. You can view the complete guide here: Quick guide to getting started with Redis.
👋 Welcome to the Stackhero documentation!
Stackhero offers a ready-to-use Redis cloud solution that provides numerous benefits, including:
Redis Commanderweb UI included.- Unlimited message size and transfers.
- Simplified updates with just a click.
- Optimal performance and enhanced security powered by a private and dedicated VM.
Save time and simplify your life: it only takes 5 minutes to try Stackhero's Redis cloud hosting solution!
Keeping your Redis instance secure is important, and a few simple measures can make a big difference.
Encrypt communications with Redis (TLS)
By default, Redis does not encrypt network traffic. On Stackhero, TLS encryption is enabled by default.
To benefit from this, you can configure your Redis client to use TLS and connect through the <PORT_TLS> port. It is best to use <PORT_CLEAR> only for specific cases where unencrypted traffic is appropriate, while <PORT_TLS> provides encrypted communication.
The good news is that there is nothing extra to configure on the server side. We already take care of that part for you.
Protect Redis against brute-force attacks
Your Redis instance is protected with a password, and Stackhero automatically generates a strong one by default. If you decide to change it, it is best to choose a very long and complex password.
Redis is extremely fast, and it can process a very high number of authentication attempts. In practice, that means an attacker could potentially try up to 150,000 password combinations per second.
To strengthen protection, we enforce a minimum password length of 16 characters, which represents approximately 4.5231285e+74 possible combinations. By default, Stackhero uses a 64-character password, which represents about 9.61963e+111 possible combinations.
For even stronger protection, you can also configure Stackhero firewall rules from the Firewall tab to allow connections only from your own IP addresses. This is one of the most effective ways to improve your overall security posture.