FLUSH_DB permission too broad

  • Resolved buddywhatshisname

    (@vhmarkgmailcom)


    2 months, 1 week ago

    On a Redis shared with other apps/users, the FLUSHDB is too dangerous to grant bc it flushes all keys for all users (namespaces). It’d be safer to use SCAN for the prefix, then UNLINK.

Viewing 1 replies (of 1 total)
  • Plugin Author Till Krüss

    (@tillkruess)

    2 months, 1 week ago

    Don’t share the same database index for multiple WordPress installations, isolate each site by given them their own db.

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.