Skip to content

Port 6380: Redis over TLS

Key idea:

Port 6380 (TCP) is the standard for Redis over TLS. Redis 6+ supports TLS on a separate port (usually 6380) alongside plain 6379. Cloud hosters (AWS ElastiCache, Redis Cloud, Yandex) expose only the TLS port — plain 6379 is off.

Below: what uses this port, security considerations, online check, FAQ.

Check your host & ports →

What runs on this port

Redis over TLS

Redis 6+ supports TLS on a separate port (usually 6380) alongside plain 6379. Cloud hosters (AWS ElastiCache, Redis Cloud, Yandex) expose only the TLS port — plain 6379 is off.

Security considerations

Redis without TLS = all commands + AUTH password in plain text. TLS (port 6380) + requirepass mandatory for public-facing Redis.

Check this port online

Check port online →

Enterno.io Ping + Port checker tests TCP reachability of any port from 3 regions (Moscow / Frankfurt / Virginia).

Understanding Redis over TLS Configuration

Configuring Redis to use TLS on port 6380 involves several steps to ensure secure communications between clients and the Redis server. Below is a step-by-step guide:

  • Install Redis 6 or later: Ensure that you are using a version of Redis that supports TLS. You can download it from the official Redis website.
  • Generate SSL Certificates: You will need a server certificate, a private key, and a certificate authority (CA) certificate. Use the following OpenSSL commands to create a self-signed certificate:
openssl req -new -x509 -days 365 -nodes -out redis-server-cert.pem -keyout redis-server-key.pem
  • Configure Redis for TLS: Edit the Redis configuration file (usually redis.conf) to include the following parameters:
tls-port 6380
tls-cert-file /path/to/redis-server-cert.pem
tls-key-file /path/to/redis-server-key.pem
tls-ca-cert-file /path/to/ca-cert.pem
  • Start Redis: Launch Redis with the modified configuration file:
redis-server /path/to/redis.conf

Once configured, Redis will only accept secure connections on port 6380. It is recommended to disable the non-TLS port (6379) for added security.

Common Use Cases for Port 6380 in Redis

Port 6380 is primarily used for secure connections to Redis servers, especially in cloud environments. Here are some common use cases:

  • Cloud Database Services: Providers like AWS ElastiCache and Redis Cloud exclusively expose port 6380 for secure access. This ensures all data transmitted between your application and Redis is encrypted.
  • Microservices Architecture: In microservices environments, where multiple services interact with Redis, using TLS on port 6380 helps maintain data integrity and confidentiality across service boundaries.
  • Data Ingestion Pipelines: For applications that process sensitive data, such as personal information or financial transactions, using Redis over TLS on port 6380 safeguards against eavesdropping and man-in-the-middle attacks.
  • Regulatory Compliance: Organizations subject to regulations like GDPR or HIPAA may require encryption for data in transit. Utilizing Redis over TLS on port 6380 can help meet these compliance standards.

By adopting port 6380 for Redis, businesses can enhance security while ensuring reliable data management across various applications.

Testing and Diagnosing TLS Connection on Port 6380

To ensure that your Redis instance is correctly configured to accept TLS connections on port 6380, you can perform a series of tests using command-line tools. Here’s how you can test and diagnose the TLS connection:

  • Using OpenSSL: You can test the TLS connection by running the following command:
openssl s_client -connect your-redis-server:6380 -tls1_2

This command attempts to establish a secure connection to your Redis server. Look for the Verify return code: 0 (ok) message, which indicates that the TLS certificate is valid.

  • Redis CLI with TLS: If you have the Redis CLI configured for TLS, you can connect using:
redis-cli -h your-redis-server -p 6380 --tls

Once connected, you can run Redis commands securely. If you encounter any connection issues, make sure to check the following:

  • Ensure that your Redis server is running and listening on port 6380.
  • Verify that the certificates are correctly specified in your redis.conf file.
  • Check firewall settings to ensure that port 6380 is open and accessible.

By following these steps, you can effectively diagnose and validate your Redis TLS setup on port 6380.

Learn more

Sources

Frequently Asked Questions

Is port 6380 open by default?

No, modern cloud providers (AWS, Google Cloud, Yandex) close all incoming ports by default. You must explicitly allow port 6380 in a Security Group or firewall.

How to check if port 6380 is reachable?

Use <a href="/en/ping">Enterno Ping + Port Checker</a>. Or in shell: <code>nc -vz example.com 6380</code>.

Is port 6380 safe to expose?

Depends on the service. Redis over TLS should never be exposed publicly without authentication + TLS. See <a href="/en/s/research-open-ports-exposure-2026">our 2026 exposure research</a>.

Try the live tool that powered this guide

Free plan — 10 monitors, checks every 5 min, no card required. Upgrade for 1-minute interval and multi-region monitoring.