@Hari don’t celebrate too early 
Plesk can be the ultimate Achilles Heel when it comes to troubleshooting and resolving issues.
@phenomlab Today I have received this email 
Important notice regarding a potentially misconfigured Redis instance on your Droplet plesk-ubuntu-s-2vcpu-4gb-amd-blr1-01:
Hello,
A recent network security scan suggests your Droplet plesk-ubuntu-s-2vcpu-4gb-amd-blr1-01 is running Redis and that it may be unintentionally exposing data or misconfigured to allow unauthorized access.
Redis listens for traffic from everywhere on port 6379, and you can validate this report by attempting to connect to your Redis on 6379 via a simple telnet command:
telnet 1.0.0.0 6379
If the connection is successful, you will receive output like the following, which will confirm that your Redis installation is visible to the public Internet:
Trying 1.0.0.0....
Connected to 1.0.0.0.
Escape character is '^]'.
You will want to restrict outside access to your Redis instance to prevent outsiders from reading or obtaining your data.
Remediation of this issue will take just a few minutes and is relatively straightforward. You will need to open /etc/redis/redis.conf and uncomment (remove the “#”) or modify the line beginning with:
#bind 127.0.0.1 ::1
Afterwards, restart redis with:
sudo systemctl restart redis
You could find this information also in our community tutorial at: https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-redis-on-ubuntu-20-04
Regards,
Security Operations
DigitalOcean Security
i have tried following multiple guides as i see redis.conf file is empty there is no supervised directive
what should i do to set this IP to local, what code i need to add?
@Hari is this the correct solution?
https://talk.plesk.com/threads/plesk-docker-redis-plesk-firewall-open-port-issue.352324/
@Hari File redis.conf should not be empty. If it were, then REDIS does not work - what’s the output of locate redis.conf ?
@phenomlab said in installing flarum with plesk:
locate redis.conf
root@admiring-goldwasser:~# su - site_sdxtjg95b7
site_sdxtjg95b7@admiring-goldwasser:~$ locate redis.conf
Command 'locate' not found, but can be installed with:
apt install mlocate
Please ask your administrator.
site_sdxtjg95b7@admiring-goldwasser:~$ exit
logout
root@admiring-goldwasser:~# apt install mlocate
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following package was automatically installed and is no longer required:
plesk-py27-pycrypto
Use 'apt autoremove' to remove it.
Suggested packages:
nocache
The following NEW packages will be installed:
mlocate
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 50.1 kB of archives.
After this operation, 258 kB of additional disk space will be used.
Get:1 http://mirrors.digitalocean.com/ubuntu focal/main amd64 mlocate amd64 0.26-3ubuntu3 [50.1 kB]
Fetched 50.1 kB in 0s (326 kB/s)
Selecting previously unselected package mlocate.
(Reading database ... 146957 files and directories currently installed.)
Preparing to unpack .../mlocate_0.26-3ubuntu3_amd64.deb ...
Unpacking mlocate (0.26-3ubuntu3) ...
Setting up mlocate (0.26-3ubuntu3) ...
update-alternatives: using /usr/bin/mlocate to provide /usr/bin/locate (locate) in auto mode
Adding group `mlocate' (GID 121) ...
Done.
Initializing mlocate database; this may take some time... done
Processing triggers for man-db (2.9.1-1) ...
root@admiring-goldwasser:~# locate redis.conf
/var/lib/dpkg/info/plesk-php74-redis.conffiles
/var/lib/dpkg/info/plesk-php80-redis.conffiles
root@admiring-goldwasser:~#
@Hari How did you install Redis ?
@Hari Ok, but this would denote that the service is already listening on 127.0.0.1 and not 0.0.0.0 as originally stated ?
@phenomlab i have mentioned 1.0.0.0 it is actually my server IP i masked it.
after receiving the email saying 111.111.111.111 is getting exposed i have deleted the existing redis docker and followed the above guide as mentioned in Plesk site.
do you think now everything is correctly running?
@Hari Yes, but the screenshot above shows 127.0.0.1 ?
@Hari said in installing flarum with plesk:
do you think now everything is correctly running?
One way to test would be to execute this command from any machine connected to the internet
telnet <ip address> 6379
If it appears to answer, then it’s still exposed. PM me the IP address if you’d like me to check
C:\Users\Hari>telnet 11.11.11.11 6379
Telnet Win32 v2.1b2, Copyright (C) 2000 Paul Brannan <pbranna@clemson.edu>
and the team. This program comes with ABSOLUTELY NO WARRANTY; for details
read LICENSE.TXT. This is free software, and you are welcome to redistribute
it under certain conditions.
Loading configuration options from R:\laragon\bin\telnet\telnet.ini.
Loading ANSI from R:\laragon\bin\telnet\telnet.cfg.
Use configuration: ANSI.
keymap ansi
There are 1 maps.
Trying 11.11.11.11:6379...
Connection timed out.
@Hari Yes, looks good
@phenomlab thanks a lot, have a nice day 
