Redis cluster : Possible SECURITY ATTACK detected.
2799:M 09 Mar 06:32:27.233 #Possible SECURITY ATTACK detected.It looks like somebody is sending POST or Host: commands to Redis.This is likely due to an attacker attempting to use Cross Protocol Scrip
·
2799:M 09 Mar 06:32:27.233 #
Possible SECURITY ATTACK detected.
It looks like somebody is sending POST or Host: commands to Redis.
This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance.
Connection aborted.
查询redis 集群日志,发现有这样的告警。
定位之后,就是redis 集群没有设置密码,然后被别人连上了
我自认为是加了服务器访问的白名单,但可能加了白名单之后,需要重启redis 集群才能生效,没有重启所以一直没有生效
索性就是加上密码,并重启redis 一步到位,就没有出现过了
更多推荐
所有评论(0)