
# Mitigations

Modify `redis.conf` to disable dangerous commands by renaming them to an empty string:

```
rename-command FLUSHALL ""
rename-command CONFIG ""
rename-command EVAL ""
```

Create a dedicated `redis` system user and group for running Redis, instead of running it as root:

```bash
$ groupadd -r redis && useradd -r -g redis redis
```

Modify `redis.conf` to add a password for Redis authentication:

```
requirepass mypassword
```

Modify `redis.conf` to allow access from localhost only:

```
bind 127.0.0.1
```

Set the correct permissions on `authorized_keys` to prevent attackers from adding their public keys to this file:

```bash
$ chmod 400 ~/.ssh/authorized_keys
```
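
To confirm that a host actually carries these settings, the following added example (not part of the original page) audits a `redis.conf` and, optionally, an `authorized_keys` file against the steps above. The function name `audit_redis_conf` is hypothetical; treating the page's `mypassword` value as unset and accepting `::1` as loopback are choices made by this example.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): audit a redis.conf against the
# mitigations above. Prints one line per gap; return status = number of gaps.
audit_redis_conf() {  # usage: audit_redis_conf <redis.conf> [authorized_keys]
  local conf="$1" keys="${2:-}" gaps=0 cmd mode
  # 1. Dangerous commands must be renamed to "" (which disables them).
  for cmd in FLUSHALL CONFIG EVAL; do
    if ! awk -v c="$cmd" 'tolower($1) == "rename-command" && toupper($2) == c &&
         $3 == "\"\"" { ok = 1 } END { exit !ok }' "$conf"; then
      echo "GAP: $cmd not disabled (rename-command $cmd \"\")"; gaps=$((gaps + 1))
    fi
  done
  # 2. requirepass must be set, and not left at the page's placeholder value.
  if ! awk 'tolower($1) == "requirepass" && $2 != "" && $2 != "mypassword" { ok = 1 }
            END { exit !ok }' "$conf"; then
    echo "GAP: requirepass missing or still the placeholder"; gaps=$((gaps + 1))
  fi
  # 3. At least one bind line, and every listed address must be loopback.
  if ! awk 'tolower($1) == "bind" { seen = 1
              for (i = 2; i <= NF; i++) if ($i !~ /^-?(127\.0\.0\.1|::1)$/) bad = 1 }
            END { exit !(seen && !bad) }' "$conf"; then
    echo "GAP: bind missing or includes a non-loopback address"; gaps=$((gaps + 1))
  fi
  # 4. authorized_keys (if a path is given) must be mode 400.
  if [ -n "$keys" ]; then
    mode=$(ls -ld "$keys" | cut -c1-10)
    if [ "$mode" != "-r--------" ]; then
      echo "GAP: $keys is $mode, expected -r-------- (chmod 400)"; gaps=$((gaps + 1))
    fi
  fi
  return "$gaps"
}

# Constructed sample config for demonstration (commented-out lines are ignored).
sample=$(mktemp)
cat > "$sample" <<'EOF'
rename-command FLUSHALL ""
rename-command CONFIG ""
# rename-command EVAL ""
bind 127.0.0.1 10.0.0.5
requirepass mypassword
EOF
audit_redis_conf "$sample" || echo "$? gap(s) found"
rm -f "$sample"
```

Pass the path of the `authorized_keys` file as a second argument to include the permission check.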
