Free Assessment

Azure_RedisCache_7

Ensure that the Redis Cache accepts only SSL connections

Description

It is recommended that Redis Cache should allow only SSL connections. Note: some Redis tools (like redis-cli) do not support SSL. When using such tools plain connection ports should be enabled.

Remediation

Perform the following in the Azure Console:

  1. Go to Redis Caches.
  2. For each Redis Cache:
  3. Click on Advanced settings
  4. Set the Allow access only via SSL to ‘Yes’
  5. Select Save

Default Values:
By default, non-SSL access is disabled for new caches.

References:

  1. https://docs.microsoft.com/en-us/azure/redis-cache/cache-configure#advanced-settings
  2. https://docs.microsoft.com/en-us/azure/redis-cache/cache-faq#when-should-i-enable-the-non-ssl-port-for-connecting-to-redis

Service

Database Services

Severity

High

Compliance

Mapping

Want to Know More?

Learn how our partners are managing their cloud security and compliance with Cloudlytics.

I hereby accept the GDPR and Privacy Policy, by subscribing to the newsletters.

Cloudlytics

Solutions

Resources

Company

Legal

Facebook Twitter Linkedin Youtube
Start Free Trial
Login

CLOSE

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!

Learn More