Open
Labels: bug (Something isn't working)
Description
What version of redis operator are you using?
redis-operator version: 0.23.0
Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (kubectl version)?
Client Version: v1.33.1
Kustomize Version: v5.6.0
Server Version: v1.32.6
What did you do?
I have deployed a Redis Cluster with Redis Exporter enabled.
What did you expect to see?
No warnings related to a possible security attack.
What did you see instead?
When my monitoring tool scrapes the metrics over the service (because there are annotations), my Redis instances throw logs like:
1:M 04 Feb 2026 08:29:43.792 # Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection from 10.14.129.80:46166 aborted.
1:M 04 Feb 2026 08:31:29.931 # Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection from 10.14.129.80:34262 aborted.
1:M 04 Feb 2026 08:32:33.203 # Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection from 10.14.129.80:47266 aborted.
1:M 04 Feb 2026 08:33:43.797 # Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection from 10.14.129.80:49022 aborted.
This is because both redis and redis-exporter share the same k8s service.
The IP 10.14.129.80 in my example is the Grafana Alloy instance.
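
A triage sketch for the warnings quoted in this issue, added here as an example (it is not code from the issue author or the redis-operator project): it pulls the peer address out of each warning and separates known monitoring agents from every other source. The `triage` function, the `known_scrapers` allowlist and the sample lines marked as constructed are assumptions of this example.

```python
import ipaddress
import re
from collections import Counter

# Matches the Redis warning quoted in the issue and captures the peer address.
ALERT_RE = re.compile(
    r"^\d+:[A-Z] \d{2} \w{3} \d{4} \d{2}:\d{2}:\d{2}\.\d{3} # "
    r"Possible SECURITY ATTACK detected\..*?"
    r"Connection from (?P<ip>[0-9A-Fa-f.:]+):(?P<port>\d+) aborted\."
)

MSG = ("# Possible SECURITY ATTACK detected. It looks like somebody is sending "
       "POST or Host: commands to Redis. This is likely due to an attacker "
       "attempting to use Cross Protocol Scripting to compromise your Redis "
       "instance.")

SAMPLE_LOG = [
    # First two entries are from the issue (re-joined onto one line each).
    f"1:M 04 Feb 2026 08:29:43.792 {MSG} Connection from 10.14.129.80:46166 aborted.",
    f"1:M 04 Feb 2026 08:31:29.931 {MSG} Connection from 10.14.129.80:34262 aborted.",
    # Constructed entries: an unrelated log line and a warning from another peer.
    "1:M 04 Feb 2026 08:32:00.000 * Ready to accept connections tcp",
    f"1:M 04 Feb 2026 08:32:10.118 {MSG} Connection from 192.0.2.15:51544 aborted.",
]


def triage(lines, known_scrapers):
    """Count aborted cross-protocol connections per peer, split by allowlist.

    known_scrapers: CIDR strings for monitoring agents expected to reach the
    shared Service (an assumption of this example, kept by the cluster owner).
    """
    nets = [ipaddress.ip_network(n) for n in known_scrapers]
    result = {"expected": Counter(), "unexpected": Counter()}
    for line in lines:
        m = ALERT_RE.match(line.strip())
        if not m:
            continue  # not the cross-protocol warning
        ip = ipaddress.ip_address(m.group("ip"))
        bucket = "expected" if any(ip in n for n in nets) else "unexpected"
        result[bucket][str(ip)] += 1
    return result


if __name__ == "__main__":
    report = triage(SAMPLE_LOG, ["10.14.129.80/32"])
    print("known scrapers hitting the Redis port:", dict(report["expected"]))
    print("peers to investigate:", dict(report["unexpected"]))
```

Warnings attributed to an allowlisted scraper are consistent with the shared-Service scrape described in the issue; any peer in the second bucket is not explained by it and should be reviewed separately.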