Skip to content
Snippets Groups Projects
Select Git revision
  • 0f434e0b9b2762de663f9a0a2930f9fdc3c23ab4
  • master default protected
2 results

config

  • Clone with SSH
  • Clone with HTTPS
  • user avatar
    Lukas Reschke authored
    For enhanced security it is recommended to configure Redis to only accept connections with a password. (http://redis.io/topics/security)
    
    This is especially critical since Redis supports the LUA scripting language and thus a simple SSRF vulnerability (as proven in http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape/ for example) may lead to a remote code execution.
    78cad94f
    History
    Name Last commit Last update
    ..
    .htaccess
    config.sample.php