Redis security aspect

Hi !
Short question:
I have installed redis for file/mem-locking.
I think for security aspect setting a password (makes problem) is not necessary when protected-mode on and binding to
Am I right ? :question:
Thnx for answer! lg. joe

why not to use the socket? port 0 plus

why the password causes problem?

Thnx. But I am still using unix-socket (not TCP) ! Joe :grinning:

so why did you wrote something about bind to

port 0 turns off tcp listening.

# Accept connections on the specified port, default is 6379.
# If port 0 is specified Redis will not listen on a TCP socket.
port 0

if you’re the only “user” on the server and the permissions of the socket are correct, that should be save. (safe?)

I think this is the right way to force usage of the Redis socket from within Nextcloud:

'redis' => array (
  'host' => '/var/run/redis/redis.sock',
  'port' => 0,
  'timeout' => 0.0

Thanks for your answer. Yes I did that (although I increased timeout value and left binding to - binding to localhost is set per default and I didn’t change that). And so far I am the only user (testing). So I think it’s safe.
Again thanks for answering.
With kind regards, Joe