Skip to content

Use secure connections to Redis instances#

Security · Azure Cache for Redis · 2020_06

Azure Cache for Redis should only accept secure connections.

Description#

Azure Cache for Redis is configured to accept unencrypted connections using a non-SSL port. Unencrypted connections are disabled by default.

Unencrypted communication to Redis Cache could allow disclosure of information to an untrusted party.

Recommendation#

Azure Cache for Redis should be configured to only accept secure connections.

When the non-SSL port is enabled, encrypted and unencrypted connections are permitted. To prevent unencrypted connections, disable the non-SSL port.

Unless explicitly required, consider disabling the non-SSL port.


Last update: 2022-10-17

Comments