我的服务器上有一个在docker容器中运行的redis服务器。
我对所有内容都使用默认值。
我用一些键值填充它并调用save。
然而,它每天都被抹去。日志看起来像
Before turning into a replica, using my own master parameters to synthesize a cached master: I may be able to synchronize with the new master with just a partial transfer.
REPLICAOF 46.12.32.122:8886 enabled (user request from 'id=66 addr=82.112.107.100:34932 fd=14 name= age=0 idle=0 flags=N db=0 sub=0 psub=0 multi=-1 qbuf=46 qbuf-free=32722 obl=0 oll=0 omem=0 events=r cmd=slaveof user=default')
Connecting to MASTER 46.12.32.122:8886
MASTER <-> REPLICA sync started
Non blocking connect for SYNC fired the event.
Master replied to PING, replication can continue...
Trying a partial resynchronization (request 05e89fe9fc1391690bdeed6ce650cfd4eb511553:1).
Full resync from master: ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ:1
Discarding previously cached master state.
MASTER <-> REPLICA sync: receiving 55664 bytes from master to disk
MASTER <-> REPLICA sync: Flushing old data
MASTER <-> REPLICA sync: Loading DB in memory
Wrong signature trying to load DB from file
Failed trying to load the MASTER synchronization DB from disk
Connecting to MASTER 46.12.32.122:8886
MASTER <-> REPLICA sync started
Non blocking connect for SYNC fired the event.
Error reply to PING from master: '-Reading from master: Operation now in progress'
Connecting to MASTER 46.12.32.122:8886
MASTER <-> REPLICA sync started
Non blocking connect for SYNC fired the event.
Error reply to PING from master: '-Reading from master: Connection reset by peer'
Connecting to MASTER 46.12.32.122:8886
MASTER <-> REPLICA sync started
Non blocking connect for SYNC fired the event.
Error reply to PING from master: '-Reading from master: Connection reset by peer'
Connecting to MASTER 46.12.32.122:8886
MASTER <-> REPLICA sync started
Non blocking connect for SYNC fired the event.
Error reply to PING from master: '-Reading from master: Connection reset by peer'
Connecting to MASTER 46.12.32.122:8886
MASTER <-> REPLICA sync started
Non blocking connect for SYNC fired the event.
Error reply to PING from master: '-Reading from master: Operation now in progress'
Connecting to MASTER 46.12.32.122:8886
MASTER <-> REPLICA sync started
Non blocking connect for SYNC fired the event.
Error reply to PING from master: '-Reading from master: Connection reset by peer'
Module ./red2.so failed to load: It does not have execute permissions.
Setting secondary replication ID to 05e89fe9fc1391690bdeed6ce650cfd4eb511553, valid up to offset: 1. New replication ID is e6492767f48bc9203cda8c66520d29701364391d
MASTER MODE enabled (user request from 'id=66 addr=82.112.107.100:34932 fd=14 name= age=7 idle=0 flags=N db=0 sub=0 psub=0 multi=-1 qbuf=34 qbuf-free=32734 obl=0 oll=0 omem=0 events=r cmd=slaveof user=default')
我想这与问题有关,但我非常困惑为什么会发生这种情况(实际复制和失败(
问题:redis端口对互联网开放。
解决方案是关闭它。
正如以下参考文献中所解释的,这显然是对公开Redis的滥用。
结论:我们需要阻止所有来自互联网的Redis传入请求
https://www.linkedin.com/pulse/evening-redis-kinsing-malware-jasim-alam/
https://www.trendmicro.com/en_in/research/20/d/exposed-redis-instances-abused-for-remote-code-execution-cryptocurrency-mining.html
https://nbailey.ca/post/redis-hack/