Basic configuration tutorial
1. Update the package list
sudo apt update
2. Install Redis
sudo apt install redis-server -y
3. Start and enable on boot
sudo systemctl enable redis-server
4. Verify service status
sudo systemctl status redis-server
5. Basic Configuration
Open the configuration file for editing:
sudo vim /etc/redis/redis.conf
Find and modify the following core settings:
# Allow external connections (default allows localhost only)
bind 0.0.0.0
# Disable protected mode
protected-mode no
# Set a password (Mandatory! Otherwise, it is extremely vulnerable to cryptojacking)
requirepass your_strong_password
Common Configuration Items Explained:
| Config Item | Description | Recommended Value |
|---|---|---|
bind |
Listening address | 127.0.0.1 for local-only, 0.0.0.0 for remote access |
requirepass |
Set password | Mandatory in production environments |
maxmemory |
Max memory limit | e.g., 256mb |
supervised |
Process management mode | Change to systemd |
6. Restart to apply changes
sudo systemctl restart redis-server
7. Open firewall port
sudo ufw allow 6379/tcp
Note: If you are using a cloud server (e.g., Tencent Cloud, Alibaba Cloud), you must also allow inbound traffic on port
6379in the security group settings on your cloud console.
8. Test local connection
Run this on your client machine:
redis-cli -h YOUR_SERVER_PUBLIC_IP -p 6379 -a your_strong_password
Once connected, type ping. If it returns PONG, the connection is successful.
Troubleshooting Connection Issues
If you cannot connect, follow these 5 logical steps to troubleshoot:
1. Check if the Redis server is running
Execute on your production server:
sudo systemctl status redis-server
2. Check the Redis listening address
Verify the bind setting in the configuration file:
sudo grep "^bind" /etc/redis/redis.conf
Make sure the output is bind 0.0.0.0 and not bind 127.0.0.1.
3. Confirm the actual listening port of Redis
Check the network port allocation:
sudo ss -tlnp | grep 6379
Normally, it should show 0.0.0.0:6379. If it shows 127.0.0.1:6379, the bind setting was either incorrect or the service wasn't restarted.
4. Check firewall status
Verify your firewall rules to ensure port 6379 is allowed:
sudo ufw status
5. Crucial Step: Check the Cloud Server Security Group
If you are using a cloud server (e.g., a Tencent Cloud instance starting with IP 119.91), you must add a security group rule in the cloud provider's console.
Example operation path: Tencent Cloud Console → Security Group → Inbound Rules, and add:
| Protocol | Port | Source |
|---|---|---|
| TCP | 6379 | 0.0.0.0/0 |