Today, we’re excited to introduce a new security feature that automatically safeguards your Redis instances using Access Control Lists (ACLs). With this update, RunCloud ensures that your Redis deployments are securely configured by default, providing an additional layer of protection for your data.
This is particularly important if you host multiple web applications on a single server. Newly-deployed servers and web applications are secured by default.
Note: The minimum agent version is 2.8.9+8.
A big thank you goes out to the security researcher – Vladimir Smitka – who performed a series of tests and originally reported this proposed improvement to how Redis works by default on RunCloud.
What this means for you:
The process we previously covered in our documentation on how to secure Redis using ACLs is now handled out of the box for you. No more manual configuration/setup. 
On newly deployed servers and web applications – Redis will be secured by default.
For existing servers/web apps, please refer to this guide on how to secure existing web applications. Due to the individual/custom configurations of existing web apps – the setup process may vary slightly. If you run into any issues, please feel free to get in touch if you run into any issues.
