ErrorNotes

Fixing the "Could not connect to Redis at 127.0.0.1:6379: Connection refused" Error

beginner🔴 Redis2026-03-16| Linux, macOS, Docker environments (server-side and client-side applications attempting to connect to Redis).

Error Message

Could not connect to Redis at 127.0.0.1:6379: Connection refused
#redis#connection#server#port#troubleshooting#network#firewall#configuration

Error: Could not connect to Redis at 127.0.0.1:6379: Connection refused

You're working with Redis, perhaps on a web application, a background job processor, or a simple command-line tool. Suddenly, you encounter an error: Could not connect to Redis at 127.0.0.1:6379: Connection refused. This message means the system you tried to reach actively turned down your connection request. It's a common stumbling block for developers and administrators, often pointing to issues with the Redis server itself, its setup, or network access.

This error pops up frequently across various operating systems, including popular Linux distributions like Ubuntu, CentOS, and Debian. macOS users might see it too. It also appears often within Docker containers, especially when client applications (such as web servers, background workers, or custom scripts) try to establish a connection to a Redis instance.

Understanding the "Connection refused" Error

When you encounter "Connection refused," it signals that the operating system on the server—where Redis should be running—explicitly rejected your connection attempt. This is quite different from a "Connection timed out" error, which would imply no response at all from the server. A refusal indicates the server host received your request but deliberately said "no." This situation typically arises if:

  • The Redis server process isn't running at all.
  • Redis is set up to listen on a different IP address or port than your client application expects.
  • A firewall is actively blocking connections to the Redis port.
  • Redis is configured for a specific network interface that your client cannot access.

Step-by-Step Fix for Redis Connection Refused

Step 1: Check if the Redis Server is Running

The most common reason for a "Connection refused" error is straightforward: the Redis server process simply isn't active. Let's verify its current status.

On Linux/macOS (using systemd or init.d):

Most modern Linux distributions, such as Ubuntu 16.04+ or CentOS 7+, rely on systemd. If you're on an older system, the service command might be appropriate.

# For systems using systemd (e.g., Ubuntu 16.04+, CentOS 7+, Debian 8+)
sudo systemctl status redis-server

# For older systems using init.d (e.g., Ubuntu 14.04, CentOS 6)
sudo service redis-server status

Look for output that clearly states "active (running)". If Redis isn't running, start it up:

# To start Redis using systemd
sudo systemctl start redis-server

# To start Redis and configure it to launch automatically on boot
sudo systemctl enable redis-server

# To start Redis using init.d
sudo service redis-server start

On Docker:

If your Redis instance lives inside a Docker container, check the container's status.

docker ps

This command lists all currently running containers. Scan the output for your Redis container. If you don't see it, the container isn't running. You'll likely need to start it:

# Replace <redis-container-name> with the actual name or ID of your Redis container
docker start <redis-container-name>

Alternatively, if you're using a docker-compose.yml file:

docker-compose up -d

Step 2: Verify Redis Configuration (Bind Address and Port)

It's possible Redis is listening on an IP address or port different from what your application expects. Remember, the default listening address is 127.0.0.1 (localhost), and the standard port is 6379.

Find your Redis configuration file. Common locations include /etc/redis/redis.conf on Linux or /usr/local/etc/redis.conf (often seen with manual installations or macOS Homebrew).

# A typical location on Linux
sudo nano /etc/redis/redis.conf

# Or for Homebrew installations on macOS
nano /usr/local/etc/redis.conf

Once inside, examine these key directives:

  • bind directive: This setting controls which network interfaces Redis listens on.

    bind 127.0.0.1: Redis will only accept connections from the local machine (localhost). If your client is on a different server (e.g., 192.168.1.50), it won't be able to connect.

    • # bind 127.0.0.1 ::1: If this line is commented out (starts with #), Redis might listen on all available interfaces. However, explicitly defining the bind address is always clearer and safer.
    • bind 0.0.0.0: This tells Redis to listen on all available IPv4 network interfaces, allowing connections from any IP address. Use this cautiously in production; it's generally better to bind to a specific internal IP if remote access is required.
    • bind your_server_ip: If Redis runs on a server with a specific private IP (e.g., 192.168.1.100) and your application connects from another machine in the same network, bind Redis to that specific IP address.

    Ensure the bind address permits your client to connect. For local connections, 127.0.0.1 works perfectly. For remote connections, adjust it to an accessible IP address.

  • port directive: This defines the TCP port Redis uses for listening.

    port 6379: Double-check that this value matches the port your application is configured to use.

After you make any changes to redis.conf, remember to restart the Redis server for the new settings to take effect:

sudo systemctl restart redis-server

Step 3: Check Firewall Rules

Even if Redis is humming along and configured correctly, a firewall could be silently blocking incoming connections to its port (which is 6379 by default).

On Linux (using ufw - Uncomplicated Firewall, common on Ubuntu/Debian):

# Check UFW's current status
sudo ufw status

If UFW is active, confirm that port 6379 (or your custom Redis port) is explicitly allowed. To open the port to connections from anywhere:

sudo ufw allow 6379/tcp

For enhanced security, if only your application server needs to connect, specify its source IP:

# Replace <your_app_server_ip> with the actual IP address of your application server
sudo ufw allow from <your_app_server_ip> to any port 6379

On Linux (using firewalld, common on CentOS/RHEL/Fedora):

# Check firewalld's status and existing rules
sudo firewall-cmd --list-all

If firewalld is active, add the Redis port to your chosen zone (e.g., the public zone):

# Add the port permanently
sudo firewall-cmd --permanent --add-port=6379/tcp
# Reload firewalld to apply these changes
sudo firewall-cmd --reload

Cloud Provider Security Groups/Network ACLs:

If your Redis server operates on a cloud platform like Amazon Web Services (AWS), Google Cloud Platform (GCP), or Microsoft Azure, you'll also need to examine their respective security group or network access control list (NACL) rules. These function as virtual firewalls. Make sure inbound connections on the Redis port (6379 by default) are permitted from your application's specific IP address or subnet range.

Step 4: Verify Redis Password (if enabled)

While a password mismatch usually results in an authentication error, not a "Connection refused," it's still worth confirming. Check if your Redis server has a password set and that your client is providing it correctly. In rare cases, a serious misconfiguration or an outdated client library might incorrectly report an authentication failure as a connection refusal.

Review your redis.conf file for the requirepass directive:

requirepass your_strong_password

If a password is configured, ensure your client application uses it. You can quickly test this with redis-cli:

redis-cli -h 127.0.0.1 -p 6379 -a your_strong_password
ping

You should see PONG as a response, confirming successful authentication.

Step 5: Check Network Connectivity (if connecting from a remote machine)

If your application resides on a different server than your Redis instance, first verify basic network reachability between the two machines.

# From your application server, try to ping the Redis server's IP address
ping <redis_server_ip>

If ping succeeds, it means the fundamental network path is open. Next, try to establish a raw TCP connection to the Redis port. This helps confirm if something is blocking the port itself.

# Using telnet (install if not present: sudo apt install telnet)
telnet <redis_server_ip> 6379

# Or using nc (netcat - install if not present: sudo apt install netcat)
nc -vz <redis_server_ip> 6379

If telnet or nc immediately show "Connection refused" or simply close the connection, it strongly indicates the problem lies at the Redis server's end. This could be because Redis isn't running, has an incorrect bind address, or is blocked by a firewall on the Redis server itself—even if ping was successful.

Verification Steps

After applying any of the fixes above, your immediate next step should always be to attempt a connection to Redis using redis-cli. This is the most direct way to confirm the server's availability and responsiveness.

From the Redis server itself (for a local connectivity check):

redis-cli
ping

If Redis requires a password, include it:

redis-cli -a your_strong_password
ping

A PONG response confirms a successful connection and communication.

From your application server (for a remote connectivity check, if applicable):

redis-cli -h <redis_server_ip> -p <redis_port> -a your_strong_password
ping

Again, you're looking for PONG. Once redis-cli can connect, restart your application and monitor its logs to ensure it now connects to Redis without issues.

Tips for Preventing Future Issues

  • Dedicated User: Always run your Redis server process under a dedicated, unprivileged user account. This significantly enhances security by limiting potential damage if the Redis process is ever compromised.

  • Monitoring: Implement robust monitoring for your Redis instances. Tools like Prometheus, Grafana, or cloud-native monitoring solutions can immediately alert you if the Redis process stops or becomes unreachable. This allows you to proactively address problems before they impact users.

  • Consistent Configuration Management: Document your Redis configuration and use configuration management tools (e.g., Ansible, Puppet, Chef). This ensures your settings—especially bind addresses and port settings—remain consistent across all environments and align with your application's expectations.

  • Firewall Management: Regularly review and audit your firewall rules. Unexpected changes to firewall rules are a common culprit for connectivity problems. Ensure only essential ports are open and restrict source IPs whenever possible for an extra layer of security.

  • Network Segmentation: In complex IT environments, leverage network segmentation to isolate your Redis instances. This helps enforce stricter security policies and prevents unauthorized access by keeping your Redis servers on their own protected network segments.

Related Error Notes

Fix Redis 'READONLY You can't write against a read only replica' Error

READONLY You can't write against a read only replica.

Fix Redis 'ERR value is not a valid float' When Using INCRBYFLOAT

ERR value is not a valid float

Fix Redis 'ERR value is not an integer or out of range' on INCR and DECR Commands

ERR value is not an integer or out of range