Jump to content

Redis Dangerous Commands


Recommended Posts

I installed the Redis for now but IPS forum doesn't find it. 

 service redis-server status
● redis-server.service - Advanced key-value store
   Loaded: loaded (/lib/systemd/system/redis-server.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2019-02-19 19:40:40 CET; 7min ago
     Docs: http://redis.io/documentation,
           man:redis-server(1)
  Process: 9924 ExecStopPost=/bin/run-parts --verbose /etc/redis/redis-server.post-down.d (code=exited, status=0/SUCCESS)
  Process: 9920 ExecStop=/bin/kill -s TERM $MAINPID (code=exited, status=0/SUCCESS)
  Process: 9917 ExecStop=/bin/run-parts --verbose /etc/redis/redis-server.pre-down.d (code=exited, status=0/SUCCESS)
  Process: 9940 ExecStartPost=/bin/run-parts --verbose /etc/redis/redis-server.post-up.d (code=exited, status=0/SUCCESS)
  Process: 9937 ExecStart=/usr/bin/redis-server /etc/redis/redis.conf (code=exited, status=0/SUCCESS)
  Process: 9933 ExecStartPre=/bin/run-parts --verbose /etc/redis/redis-server.pre-up.d (code=exited, status=0/SUCCESS)

image.png.c76036b87de45b93f07be3ecce7801bc.png

I restarted apache so far no success. I did php -m and it doesn't list Redis their. Are their any extra steps to do to make it work with php 7.2?

Link to comment
Share on other sites

2 hours ago, Ryan Ashbrook said:

Have you installed the Redis PHP Extension?

https://github.com/phpredis/phpredis

(I just did this yesterday using the pecl option).

Thanks!  What about dangerous command? Do you suggest to rename those? I have redis on same machine. Also do I need to give password as server is binded to listen only on local IP ? 

Also how do I check if forum is using redis or not? I mean i added the constant file and such but i am new to the redis. So any way I can check? 

Link to comment
Share on other sites

You can disable specific functions via php.ini.

If Redis is only listening on the local IP address, securing with a login probably isn't too important. Just be sure you don't have any other software installed on the server that may be used as a backdoor into the Redis instance.

There are scripts you can use to check Redis, and there's also a tool/link in the AdminCP under the Support page you can use to view what's stored in Redis.

Link to comment
Share on other sites

Hi,

Thanks! 🙂 

I'm new to Redis, so I have 2 questions:

1. Is it required to install PHPRedis in addition to the regular Redis for using Redis with Invision?

2. The tutorial mentioned by @AlexJ recommends disabling the following Redis commands:

FLUSHDB, FLUSHALL, KEYS, PEXPIRE, DEL, CONFIG, SHUTDOWN, BGREWRITEAOF, BGSAVE, SAVE, SPOP, SREM, RENAME, and DEBUG

Is it safe to disable them, or Invision will break?

Thank you!

Link to comment
Share on other sites

  1. Yes, otherwise PHP cannot talk to Redis, and thus IPS4 can't.
  2. For the purposes of IPS4, I would not disable them. We do not use Redis as a permanent storage. If you insist, then I would do these: CONFIG, SHUTDOWN, BGREWRITEAOF, BGSAVE, SAVE, SPOP, SREM, RENAME. As far as I know, we do not use them.
Link to comment
Share on other sites

2 minutes ago, Ryan Ashbrook said:
  1. Yes, otherwise PHP cannot talk to Redis, and thus IPS4 can't.
  2. For the purposes of IPS4, I would not disable them. We do not use Redis as a permanent storage. If you insist, then I would do these: CONFIG, SHUTDOWN, BGREWRITEAOF, BGSAVE, SAVE, SPOP, SREM, RENAME. As far as I know, we do not use them.

Thank you very much for your help! 🤗

Link to comment
Share on other sites

  • 2 weeks later...

@Ryan Ashbrook Have assigned Reddis - 5GB RAM and yet it shows 31GB available? I have set maxmemory  in redis.cfg 5GB. I would like to limit maxmory to 5GB. Is their anyway to do it because it seems something is wrong. 

 

cat /etc/redis/redis.conf  | grep maxmemory
# according to the eviction policy selected (see maxmemory-policy).
# WARNING: If you have slaves attached to an instance with maxmemory on,
# limit for maxmemory so that there is some free RAM on the system for slave
maxmemory 5GB
# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory
# maxmemory-policy noeviction
# maxmemory-samples 5
#  e     Evicted events (events generated when a key is evicted for maxmemory)

 

image.thumb.png.9e8132a7b26dc3212f923ba0d722f4da.png

Link to comment
Share on other sites

  • 3 weeks later...
On 2/22/2019 at 3:57 PM, Ryan Ashbrook said:
  1. Yes, otherwise PHP cannot talk to Redis, and thus IPS4 can't.
  2. For the purposes of IPS4, I would not disable them. We do not use Redis as a permanent storage. If you insist, then I would do these: CONFIG, SHUTDOWN, BGREWRITEAOF, BGSAVE, SAVE, SPOP, SREM, RENAME. As far as I know, we do not use them.

Hi,

Just a quick question about phpredis:

On Github, they specify that we need to configure some php.ini variables to be able to use Redis as a session handler:

Quote

phpredis can be used to store PHP sessions. To do this, configure session.save_handler and session.save_path in your php.ini to tell phpredis where to store the sessions:

session.save_handler = redis
session.save_path = "tcp://host1:6379?weight=1, tcp://host2:6379?weight=2&timeout=2.5, tcp://host3:6379?weight=2&read_timeout=2.5"
 

 

=> Do we need to configure php.ini for the Invision Suite to be able to manage sessions with Redis?

 

Thanks again!

Link to comment
Share on other sites

3 minutes ago, Ryan Ashbrook said:

No, we handle that automatically. You do not need to configure PHP to use Redis for sessions as we'll just override that anyway, with our own session handler (that may also use Redis if you configure the suite to do so).

 

Thank you very much for your help! ❤️ 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...