Redis in Laravel - password protection

Posted 1 year ago by jeffz2016

I am unsure - despite reading - what is a proper handling of Redis security in Laravel.

I know, that I can set password for Redis using redis-cli:

redis-cli config set requirepass some-password-here

I know, I can set password directly in Redis own redis.conf file using directive requirepass.

I know, that if I use Redis directly, e.g. using redis-cli and when I have password set, I have to pass that password, e.g.:

redis-cli -a some-password-here get name

I know these things, but when it comes to Laravel, I am a bit confused.

If I set Redis password in :

  1. Redis redis.conf file
  2. and I inform Laravel framework about this password by setting .env REDIS_PASSWORD

Does that mean, that Laravel will use that password to automatically protect Redis powered Laravel:

  • echo (broadcasting)
  • queues
  • sessions
  • cache
  • database

I would appreciate some info on this one, or pointer to some online article explaining that.

Please sign in or create an account to participate in this conversation.

Laracasts Mascot

Hi, Have We Met Yet?

Did you know that, in addition to the forum, Laracasts includes well over 1000 lessons on modern web development? All for the price of one lunch out per month.

Sign Me Up

Channels

Reply to

Use Markdown with GitHub-flavored code blocks.