Security - Redis Password per site

Aswin Coolsaet

Under review

I think, you have at the moment, a security risk with having redis without password.

Once a wordpress is hacked, they can give PLOI-core commands for the deamon to execute.

If we look at other webhosting companies, you have to click on "activate redis" which will create a redis pwd for your webapp to use.

running multiple core instances to the same redis server, shows that it doesn't work, they interfere with each other.

05/02/2024 8:22:46 AM

1 total vote