"Possible SECURITY ATTACK detected" when deploying Redis with Docker Compose

Question

"Possible SECURITY ATTACK detected" when deploying Redis with Docker Compose

Quentin FORTIER 1

Hello,

I want to deploy my Flask-Celery-Redis-SocketIO web application (it works well locally).
I uploaded a docker image regmtgscan.azurecr.io/server and use the following docker-compose.yml in my deployment center settings on Azure:

services:
    redis:
        image: mcr.microsoft.com/oss/bitnami/redis:6.0.8
        ports:
            '6379:6379'
        environment:
            ALLOW_EMPTY_PASSWORD: "yes"
    flask:
        build: server
        image: regmtgscan.azurecr.io/server
        ports:
            - '5000:5000'
        links:
            - redis
    celery:
        build: server
        image: regmtgscan.azurecr.io/server
        command: "celery -A app.celery worker --loglevel=info --uid=nobody"
        links:
            - redis
        environment:
            - AZURE_VISION_KEY
            - AZURE_VISION_ENDPOINT

(Note that I am not sure on the syntax : docker-compose uses hyphen (-) when Azure does not, for example. But this is not my problem).

When I start my App Service, I see that every container is launching but I get the following error from the Redis one :

Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection aborted.

This error shut down my app. I can't access my app URL at all.
I don't understand why I get this error and how to solve it.

Can somebody help me solving this?

SnehaAgrawal-MSFT 22,706 Reputation points Moderator

2021-02-15T17:09:11.953+00:00

Thanks for asking question! Could you please confirm if you have enabled this setting, WP_REDIS_HOST, within App Service.
Check: Configure environment variables
Also, the Azure Web App does not support the env. file, all the docker commands are executed by Azure in the backend. Otherwise, the Azure Web App also does not support the build option in the docker-compose file, see the supported options.

Please let us know if you have query on this or issue remains.
Quentin FORTIER 1 Reputation point

2021-02-16T21:10:35.083+00:00

Thanks for your answer.
I tried to add WP_REDIS_HOST but it did not help (maybe it is only useful with WordPress?).
It looks like Azure is posting requests to port 6379 (I don't know why).
Hence I remove the ports exposition in my docker-compose.yml. I don't need it anyway since I am using redis by its container name.
Hari buddhavarapu 1 Reputation point

2021-06-17T16:59:25.917+00:00

Hello, were you able to resolve the issue. I am facing similar issue where in my Redis gives the same message as "Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection aborted." And My app stops.

I tried adding the setting WP_REDIS_HOST=redis but it didnt be of any help too
Quentin FORTIER 1 Reputation point

2021-07-18T10:46:02.603+00:00

Hello. This is what I used for my app, with success: https://github.com/fortierq/mtgscan-app/blob/master/docker-compose.yml
I don't remember exactly what solved the problem, maybe using the official redis image rather than microsoft version.

Your answer

SnehaAgrawal-MSFT 22,706 Reputation points Moderator

2021-02-15T17:09:11.953+00:00

Thanks for asking question! Could you please confirm if you have enabled this setting, WP_REDIS_HOST, within App Service.
Check: Configure environment variables
Also, the Azure Web App does not support the env. file, all the docker commands are executed by Azure in the backend. Otherwise, the Azure Web App also does not support the build option in the docker-compose file, see the supported options.

Please let us know if you have query on this or issue remains.
Quentin FORTIER 1 Reputation point

2021-02-16T21:10:35.083+00:00

Thanks for your answer.
I tried to add WP_REDIS_HOST but it did not help (maybe it is only useful with WordPress?).
It looks like Azure is posting requests to port 6379 (I don't know why).
Hence I remove the ports exposition in my docker-compose.yml. I don't need it anyway since I am using redis by its container name.
Hari buddhavarapu 1 Reputation point

2021-06-17T16:59:25.917+00:00

Hello, were you able to resolve the issue. I am facing similar issue where in my Redis gives the same message as "Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection aborted." And My app stops.

I tried adding the setting WP_REDIS_HOST=redis but it didnt be of any help too
Quentin FORTIER 1 Reputation point

2021-07-18T10:46:02.603+00:00

Hello. This is what I used for my app, with success: https://github.com/fortierq/mtgscan-app/blob/master/docker-compose.yml
I don't remember exactly what solved the problem, maybe using the official redis image rather than microsoft version.

Share via

"Possible SECURITY ATTACK detected" when deploying Redis with Docker Compose

Your answer