`/topics/installation.md` references exploit venerable below Redis 3.2 and has instructions for `init.d`
stockholmux opened this issue · 0 comments
In pre-publishing review (#91), the following issues were noted:
Note that a Valkey instance exposed to the internet without any security is very simple to exploit, so make sure you understand the above and apply at least a firewall layer.
The firewall is good advice, but the exploit outlined is fixed in 3.2+, this advice should probably be updated to made relevant for 2024/Valkey.
A proper install using an init script is strongly recommended.
Note: The available packages for supported Linux distributions already include the capability of starting the Valkey server from /etc/init.
This section proceeds to go into quite a bit of detail in creating a init.d
script. In 2024, would be we better off providing instructions for a service?