- Add to redis.conf a random password : requirepass “averylongrandompassword”
- Configure your redis client to use AUTH for every connection :
- Restart redis server.
- For another layer of security, use stunnel to proxy encrypted data to and from redis.
- Disable commands that are not used, that could be dangerous like FLUSHALL or FLUSHDB in the config file or rename it to a random string: