Installing and Securing Redis on Rocky Linux 9: A Step-by-Step Guide

Introduction:

Redis is a popular open-source, in-memory data structure store used as a database, cache, and message broker. It offers high performance and versatility, making it a preferred choice for various applications. In this article, we will provide a step-by-step guide on how to install and secure Redis on Rocky Linux 9, ensuring your data is protected.

Step 1: Update the System:

Before starting the installation process, it’s crucial to update the system to ensure you have the latest packages. Open a terminal and execute the following command:

sudo dnf update

Step 2: Install Redis:

Rocky Linux 9 provides the Redis package in its default repositories, simplifying the installation process. Use the following command to install Redis:

sudo dnf install redis

Step 3: Configure Redis:

Redis comes with a default configuration file located at /etc/redis.conf. Open this file using a text editor of your choice:

sudo nano /etc/redis.conf

Inside the configuration file, you can modify various settings to suit your requirements. Ensure the following settings are correctly configured:

• Bind: By default, Redis binds to localhost (127.0.0.1). If you want to access Redis from remote machines, change this setting to the IP address of your server.
• Port: The default Redis port is 6379. You can modify it if necessary.
• Requirepass: Uncomment this line and set a strong password to secure your Redis instance.
• Save: Adjust the save settings to specify the frequency at which Redis saves data to disk.

Save and close the configuration file.

Step 4: Start Redis:

After configuring Redis, start the Redis service using the following command:

sudo systemctl start redis

To ensure Redis starts automatically upon system boot, enable the service with the following command:

sudo systemctl enable redis

Step 5: Verify Redis Installation:

To confirm that Redis is running correctly, use the Redis command-line interface. Open a terminal and enter the following command:

redis-cli

If Redis is running, you will see the Redis command prompt. You can now execute Redis commands or check the server status using the PING command.

Step 6: Securing Redis:

Securing your Redis instance is crucial to protect your data. Perform the following steps to enhance Redis security:

• Disable Remote Access: If you don’t require remote access to Redis, consider binding Redis to localhost only. Update the bind configuration option in /etc/redis.conf to 127.0.0.1.
• Use Strong Passwords: Ensure you have set a strong password for your Redis instance. Revisit the requirepass configuration option in /etc/redis.conf to verify the password’s strength.
• Firewall Configuration: Configure your firewall to allow access only to necessary ports (e.g., 6379 for Redis). This prevents unauthorized access to Redis from external sources.
• Enable Redis Authentication: Uncomment the requirepass configuration option in /etc/redis.conf and set a strong password. This enforces authentication for every Redis command.
• Limit Memory Usage: Adjust the maxmemory and maxmemory-policy configuration options in /etc/redis.conf to prevent Redis from using excessive memory.

Step 7: Restart Redis:

After implementing the security measures, restart Redis for the changes to take effect:

sudo systemctl restart redis

Conclusion:

Congratulations! You have successfully installed and secured Redis on Rocky Linux 9. By following the step-by-step instructions, you have ensured that your Redis instance is protected against unauthorized access