How to Find Exposed Redis Servers on the Internet
A step-by-step guide to discovering unprotected Redis instances using Zondex internet search.
Search for Redis on default port
Redis typically runs on port 6379. Start with a basic search to find all indexed Redis instances.
You can also search port:6379 alone to find services running on the Redis default port.
Filter by country
Narrow results to a specific country to focus your research scope.
Use ISO 3166-1 alpha-2 country codes: US, DE, GB, FR, JP, etc.
Check for vulnerabilities
Find Redis servers with known CVEs that may be exploitable.
Search by organization
Focus on a specific organization to assess their Redis exposure.
Use quotes around organization names with spaces or special characters.
Look for specific versions
Older Redis versions may have known vulnerabilities. Search for specific version strings.
Redis versions below 6.0 typically have no built-in ACL system.
shield Remediation & Hardening
- check_circle Enable authentication with requirepass directive in redis.conf
- check_circle Bind Redis to localhost or specific internal IPs only
- check_circle Use firewall rules to restrict port 6379 access
- check_circle Enable TLS encryption for Redis 6.0+
- check_circle Disable dangerous commands (FLUSHALL, CONFIG, DEBUG) with rename-command
- check_circle Keep Redis updated to the latest stable version
Try It Now
Search for Redis across 85M+ indexed hosts — free, no registration required.
search Search Redis