Is it normal that I see other's Redis data on shared hosting?

This hosting provider is responsible for the security breach. Considering OWASP's top ten Web application security risks, this is an issue of few security risks: Broken Authentication, Sensitive Data Exposure, and Broken Access Control.

What is your next step is up to you. You should inform the hosting provider, users should be informed by the hosting provider for the possible data breach. This is a very serious security and legal matter since someone's possibly private data is accessible to other users.

See: https://owasp.org/www-project-top-ten/


I work in web hosting. This is not correct and means that they have a serious problem on their hands! Ask for a manager or supervisor. If that goes nowhere, MOVE.

From what you described, they have virtual users for Redis users who pay for it. Rather than disabling it for everyone else, they appear to be allowing everyone to access the same shared pool, causing the security breach you've described.

Tags:

Php

Redis

Related

How to know if a vector is composed by the same elements? iOS today extension with core data Flutter doctor error - Android sdkmanager tool not found. Windows Disable Gradle Offline mode in Android Studio 3.6 Cannot resolve symbol 'ResultProfileBinding' Asp.net core healthchecks randomly fails with TaskCanceledException or OperationCanceledException Scapy: get/set frequency or channel of a packet How to calculate specific rating count hash in ruby on rails? Duplicate class com.google.common.util.concurrent.ListenableFuture found in modules jetified-guava-26.0-android.jar E/LoadedApk: Unable to instantiate appComponentFactory only on Android Q (API 29) $(...).tooltip is not a function rails 6 webpack Why am I getting "A data breach on a site or app exposed your password. Chrome recommends changing your password on "SITENAME" now."

Recent Posts