NOAUTH errors in WP error log

  • Resolved grl570810

    (@grl570810)


    2 weeks, 5 days ago

    I apologise if this is the wrong place to post as I doubt there’s an error in the plugin but hope the solution is so obvious I won’t be wasting much of your time…

    I am attempting to implement a redis cache on my WorPress sites (specifically those running WooCommerce). The server is running nginx & mariadb, csf firewall & the website is using Divi as the theme and has Wordfence running.
    I have installed Redis server

    • It’s bound only to localhost:
      bind 127.0.0.1 -::1
    • It’s got protected mode on:
      protected-mode yes
    • and has require password set
      requirepass *******************

    I can connect to it with redis-cli using AUTH <password> and it responds to ping with PONG

    In the csf firewall there is no entry for the redis port (left at default 6379), in other words I am confident there is no possibility of remote bad guys issuing direct calls to redis.
    TCP_IN = “20,21,22,25,53,853,80,123,443,10000,22222,49900:49999”

    In the WordPress site I have the password in the wp-config file:
    define( ‘WP_REDIS_PREFIX’, ‘<site>.net.au:’ );
    define( ‘WP_REDIS_DISABLE_BANNERS’, true );
    define(‘WP_REDIS_PASSWORD’, ‘**********);    (I have double-triple checked, the password matches!)

    The Redis Object Cache plugin is installed, it shows the cache as operational:

    The diagnostics look OK to me:

    https://repository.epicsites.com.au/Redis_OC_Diags.txt

    and the Redis Object Cache in the dashboard is reporting sensible looking activity:

    Here’s the problem: every time I browse the site I get heaps of errors in the log:

    redis sent invalid response: “-NOAUTH Authentication required.” while reading response header from upstream client:111.111.111.111, server: xxxx.net.au, request: “GET / HTTP/2.0”, subrequest: “/redis-fetch”, upstream: “redis://127.0.0.1:6379”, host: xxxx.net.au
    (the IP address matches the public IP of my home office, so I know these are genuine attempts to access redis via the website.)

    I’m at a complete loss, what have I done wrong that causes requests to be sent to redis without passing the AUTH password? I’ve googled a lot and found nothing helpful, I’m hoping you can spare the time to look at this.
    Thanks, Graham

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Till Krüss

    (@tillkruess)

    2 weeks, 4 days ago

    Is this running on a single machine? No scaling or containers, in that case it could be your Opcache caching the wp-config.php file too aggressively.

    Thread Starter grl570810

    (@grl570810)

    2 weeks, 4 days ago

    Thanks for the suggestion. Yes, it’s a standalone VPS server. I have added the wp-config.php file to the opcache blacklist, restarted php-fpm service, and unfortunately that’s made no difference.

    Any other ideas? Is there any way I can improve the logging to give me a better picture of what’s going on?

    Plugin Author Till Krüss

    (@tillkruess)

    2 weeks, 3 days ago

    The error NOAUTH Authentication required means that Redis wasn’t given a password, nothing else would trigger it.

    Make sure WP_REDIS_PASSWORD is set at the top of the configuration file.

    Otherwise disable the password, since it’s local anyhow.

    Thread Starter grl570810

    (@grl570810)

    2 weeks, 1 day ago

    Unfortunately relocating the WP_REDIS_PASSWORD (& all the other WP_REDIS… define statements) to the top didn’t work either. Very weird.

    Although it pains me I have disabled the requirement for a password, I have at the same time changed the port to at least give me a bit more security.

    I’ll continue to try and work out the problem, and will update here if I find it, as that may be of use to others. Thanks Till for your assistance.

Viewing 4 replies - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.