[Feature request] Allow binding to multiple IPs #274

Closed
slowernet opened this Issue Dec 27, 2011 · 13 comments

Projects

None yet
@slowernet

I prefer IP binding instead of/in addition to requirepass to keep my instances off the Internet at large. However, enabling replication necessitates unbinding from localhost. Thus I think it would be best to allow binding to a list of IPs. I'm agnostic over whether this would be best specified via comma-delimited IPs or multiple bind directives.

@Burningmace

+1 on this.

I've been exploring Redis as a potential security penetration vector and in a single day I've found >30 internet-facing servers running Redis on the standard port, including two very large and well known sites (both of which have been contacted about the issue).

People should be highly encouraged to specify a bind address and an AUTH key. It may even be prudent to make binding to a set of IPs mandatory, thus preventing the global-bind issue.

@senfomat

+1 from my side as well.

We have webclusters with multiple network-interfaces, one facing to the internet and one facing to the inner side. And I don't want to listen at all on the outside interface. But on localhost and the inner side. I think multiple bind-statements would be a good solution.

@andremoniz

+1 on this

@tomthorogood

Another +1. I think it'll take Redis far.

@antirez
Owner
antirez commented Nov 14, 2012

Accepted and scheduled for 2.8. Thanks

@tomthorogood

You're the best!

@slowernet

@antirez It's been a while since I wrote C, but given enough time, I'd be willing to take a crack at a pull request here, if that was useful. (No worries if you'd prefer to handle it yourself!)

Would you want this implemented as multiple calls to bind(), or a single bind (to 0.0.0.0) with some sort of access control?

@mezzatto

I think this is somewhat related to #551

@freewil
freewil commented May 2, 2013

👍

@AllenDou
AllenDou commented May 2, 2013

+1

@sibblegp

+1

@antirez
Owner
antirez commented Jul 10, 2013

Implemented, closing.

@antirez antirez closed this Jul 10, 2013
@linmaosheng

+1 on this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment