General availability of ‘RedisAUTH’

Redis‘ default settings are not always best-practice in every deployment.

If your Redis server is in a different local network or Virtual Private Cloud than the application connecting to it, you might have to open up port 6379 on your network, which means your Redis instance becomes available to the public.

If you’re running a firewall or using security groups for your VPC, the best thing to do is to block all incoming traffic on port 6379 and to whitelist the IP’s from the application or other services that need to connect to your Redis instance.

However, there are more steps you can take to increase the security even further. One of them is Redis AUTH, which is basically a fancy term for a password with atleast 16 ASCII characters.

Manually creating such passwords is an annoying task on itself, but remembering the ASCII characters is additional burden. To simplify the creation of this process, we developed the RedisAUTH Generator.

The RedisAUTH Generator does exactly what it sounds like: generate a RedisAUTH token. It creates a token of 18 ASCII characters by default, but this can be easily adjusted in the script itself. It’s a rather simple tool that’s confirmed to be working on Amazon Linux 2023, Fedora 39, Debian 12, Red Hat Enterprise Linux 9, ArchLinux and SLES.

It is available for free on GitHub. The instructions are included in the repository.