我在EC2上有兩臺服務器。一個託管我的PHP應用程序和其他託管我的Redis服務器。我正在管理我的php會話和redis服務器上的數據。所以在我的PHP服務器上,我給了ip:端口作爲會話保存路徑,並得到了錯誤FastCGI在stderr中發送:「PHP消息:PHP致命錯誤:未知的異常'RedisException'消息'Connection closed'無法連接AWS EC2端口上的Redis服務器6379
我需要在我的redis實例上爲入站流量打開端口6379,我通過在AWS安全組中設置了一個自定義的TCP設置來打開它,但該端口仍然關閉,但我可以在Redis服務器本身上監聽端口。我在這個過程中丟失了任何東西嗎?我需要在其他地方做任何其他的改變。請指導我。我對AWS管理非常陌生 實例1:我使用php,Apache和phpredis 實例2:使用Redis
但是我有Memcache d安裝在通過端口11211連接的實例2上,沒有任何問題。我對Redis使用了相同的安全規則
默認情況下,redis只監聽127.0.0.1,並且您需要明確告訴redis監聽其他接口或任何節點。根據你的發行版本,這可能在某個地方像/etc/redis.conf。最重要的是,如果你想讓redis監聽所有地址(0.0.0.0),你應該在redis.conf中設置proetected-mode no。
在配置Redis的,請咧開的愛情確保您的安全組設置,定義端口是開放的只需要連接到PHP服務器的IP或安全組 redis,而不是整個世界。
僅供參考,這裏是從redis.conf配置部分有關綁定:
# By default, if no "bind" configuration directive is specified, Redis listens
# for connections from all the network interfaces available on the server.
# It is possible to listen to just one or multiple selected interfaces using
# the "bind" configuration directive, followed by one or more IP addresses.
#
# Examples:
#
# bind 192.168.1.100 10.0.0.1
# bind 127.0.0.1 ::1
#
# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the
# internet, binding to all the interfaces is dangerous and will expose the
# instance to everybody on the internet. So by default we uncomment the
# following bind directive, that will force Redis to listen only into
# the IPv4 lookback interface address (this means Redis will be able to
# accept connections only from clients running into the same computer it
# is running).
#
# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES
# JUST COMMENT THE FOLLOWING LINE.
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bind 127.0.0.1
# Protected mode is a layer of security protection, in order to avoid that
# Redis instances left open on the internet are accessed and exploited.
#
# When protected mode is on and if:
#
# 1) The server is not binding explicitly to a set of addresses using the
# "bind" directive.
# 2) No password is configured.
#
# The server only accepts connections from clients connecting from the
# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain
# sockets.
#
# By default protected mode is enabled. You should disable it only if
# you are sure you want clients from other hosts to connect to Redis
# even if no authentication is configured, nor a specific set of interfaces
# are explicitly listed using the "bind" directive.
protected-mode yes