Redis, which stands for “remote dictionary server,” is a key-value store that stores data as key-value pairs. Redis is a NoSQL database, meaning it does not have tables, rows and columns like in MySQL and Oracle databases. It does not use INSERT, SELECT, UPDATE and DELETE. Instead of this, Redis uses data structures to store data. It uses five primary data structures including Strings, Lists, Sets, Sorted Sets, and Hashes, as well as three extra data structures including bitmaps, hyperloglogs and geospatial indexes. One of the most important features of Redis is that it is an in-memory database, meaning it keeps the data in memory, making it super-fast. However, Redis also has options to write the data to the disk.
In this tutorial, we will show you how to install and secure Redis on Ubuntu 18.04.
Install Redis Server
By default, the Redis package is available in the Ubuntu 18.04 server. You can install it with the following command:
apt-get install redis-server php-redis -y
After installing the Redis server, you will need to configure the Redis server to use the init system for managing Redis as a service. You can configure it by editing redis.conf file:
nano /etc/redis/redis.conf
Find the following line:
supervised no
Replace it with the following line:
supervised systemd
Save and close the file. Then, restart the Redis service to apply the changes:
systemctl restart redis
You can also check the status of the Redis service with the following command:
systemctl status redis
You should get the following output:
Verify Redis Server
It is recommended to test whether the Redis server is functioning as expected or not.
You can test it using the redis-cli command-line utility:
redis-cli 127.0.0.1:6379> ping
If everything is fine, you should get the following output:
PONG
You can now exit from the Redis shell with the following command:
exit
You can also check the version of the Redis with the following command:
redis-cli -v
Output:
redis-cli 4.0.9
For more information about Redis, run the following command:
redis-cli info
You should see the following screen:
You can also verify the Redis listening port with the following command:
netstat -lnp | grep redis
You should see that Redis server is listening on localhost on port 6379:
Secure Redis with Password
By default, Redis can be accessed without any password. It is recommended to secure Redis with a password for security reasons.
First, generate a strong password with OpenSSL command as shown below:
openssl rand 60 | openssl base64 -A
You should see the following output (a password like this):
MGDCmmWh2Ot+aZDv7TBr54SY5PueoSAVhX41sApcOLWYBTlPrfe01OT/nqO0YWK/y0ROozsDi9Dw61jR
Now, paste your password in the Redis configuration file /etc/redis/redis.conf:
nano /etc/redis/redis.conf
Find the following line:
# requirepass foobared
Replace it with the following line:
requirepass MGDCmmWh2Ot+aZDv7TBr54SY5PueoSAVhX41sApcOLWYBTlPrfe01OT/nqO0YWK/y0ROozsDi9Dw61jR
Save and close the file. Then, restart the Redis service to apply the changes:
systemctl restart redis
Now, connect to the Redis command-line with the following command:
redis-cli 127.0.0.1:6379>
Now, run the following command to test whether the Redis password works:
127.0.0.1:6379> set test "How Are You"
You will get the following error because didn’t authenticate:
(error) NOAUTH Authentication required.
Now, authenticate Redis with the password as shown below:
127.0.0.1:6379> auth MGDCmmWh2Ot+aZDv7TBr54SY5PueoSAVhX41sApcOLWYBTlPrfe01OT/nqO0YWK/y0ROozsDi9Dw61jR
You should get the following output:
OK
Now, run the previous command again:
127.0.0.1:6379> set test "How Are You"
Output:
OK
Now, get the value of the test:
127.0.0.1:6379> get test
You should see the following output:
"How Are You"
After testing successfully, exit from the Redis command-line with the following command:
127.0.0.1:6379> exit
Rename Dangerous Commands
It is always a good idea to rename some dangerous commands including config, shutdown, flushdb, flushall and rename. These commands can destroy or wipe your data if run by mistake.
You can rename these commands by editing /etc/redis/redis.conf file:
nano /etc/redis/redis.conf
Add the following lines at the end of the file:
rename-command CONFIG ATLANTICCONFIG rename-command FLUSHDB ATLANTICFLUSHDB rename-command SHUTDOWN ATLANTICSHUTDOWN rename-command FLUSHALL ATLANTICFLUSHALL
Save and close the file, then restart Redis service to implement the changes:
systemctl restart redis
To test the above commands, enter the Redis command line:
redis-cli
Now, authenticate Redis with the password as shown below:
127.0.0.1:6379> auth MGDCmmWh2Ot+aZDv7TBr54SY5PueoSAVhX41sApcOLWYBTlPrfe01OT/nqO0YWK/y0ROozsDi9Dw61jR
You should get the following output:
OK
Now, try to run the original CONFIG command as shown below:
127.0.0.1:6379> config get requirepass
You should get the following error:
(error) ERR unknown command 'config'
Now, try again with the renamed command:
127.0.0.1:6379> atlanticconfig get requirepass
You should see the following output:
1) "requirepass" 2) "MGDCmmWh2Ot+aZDv7TBr54SY5PueoSAVhX41sApcOLWYBTlPrfe01OT/nqO0YWK/y0ROozsDi9Dw61jR"
Conclusion
Congratulations! Your Redis server is now installed and secured. This method is compatible with Atlantic.Net VPS Hosting. For more information, you can visit the Redis documentation page.