• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Onyx Docker Redis Firewall Security

Burak Özdemir

Burak Özdemir

New Pleskian
hi, i am using trial version of PO. I installed a docker redis container and configured my drupal installation and it works like charm. :)

Docker IP and ports are as follows:
IP address for docker0: 172.17.0.1
Port mapping:
6379 to 32770

plesk mod_security with free comodo rules, plesk firewall and plesk fail2ban are all on through plesk ui with default settings. (i also installed mod_evasive manually from the ssh terminal, and I think that it is also activated :) )

Now I have some questions in mind.

Do I have to close ports 6379 and 32770 to incoming connections with a custom rule in Plesk firewall? Without any other configuration (with a default installation of docker redis official container), is redis accessible from outside world by default etc.?

If i have to configure plesk firewall to secure redis, how can I do it?

thanks,
burak
 
Yes, that's one of the big security issue with redis container.
You can edit the container configuration with the redis.conf file available in the volume storage of your container, or use the firewall to block connections from outside.
But currently with the default configuration redis is accessible from outside, without any password.
You can also install redis-server on your server and use the redis.conf to bind it to 127.0.0.1
 
virtubox said:
use the firewall to block connections from outside
Click to expand...

how can I do this with the given values for docker container:
Docker IP and ports are as follows:
IP address for docker0: 172.17.0.1
Port mapping:
6379 to 32770

PS: Although I am not a pro of the issue, I think that it won't be a good practice to install a server-wide redis instead of using redis docker container.
 
Use the firewall to block access from outside the server.
Docker is still very young and to I was running it with docker at the beginning, but the stability was good enough. And running redis-server with Plesk is not a problem at all
 
You must log in or register to reply here.

Similar threads

M
Issue Change default networks for docker extension
Replies
0
Views
147
martin.g
M
TheColin21
Resolved Docker outbound traffic gets blocked after 18.0.67 Update #3
2
Replies
28
Views
12K
Sebahat.hadzhi
Sebahat.hadzhi
S
Resolved Redis with docker: How to provide file path for redis.conf as first argument?
Replies
2
Views
3K
nMLxTMJTZ
N
D
Issue Headscale on Plesk/Client Unable to Reach Server/Firewall Configs
Replies
0
Views
1K
dmcgrat4
D
R
Question Accessing Redis from local cli
Replies
1
Views
1K
Spring
S
Back
Top