diff --git a/docker/redis/redis.conf b/docker/redis/redis.conf
index 01fe034cfe..9f12604fe9 100644
--- a/docker/redis/redis.conf
+++ b/docker/redis/redis.conf
@@ -84,7 +84,7 @@ bind redis 127.0.0.1
 # you are sure you want clients from other hosts to connect to Redis
 # even if no authentication is configured, nor a specific set of interfaces
 # are explicitly listed using the "bind" directive.
-protected-mode yes
+protected-mode no
 
 # Accept connections on the specified port, default is 6379 (IANA #815344).
 # If port 0 is specified Redis will not listen on a TCP socket.
@@ -1874,4 +1874,4 @@ jemalloc-bg-thread yes
 # by setting the following config which takes a space delimited list of warnings
 # to suppress
 #
-# ignore-warnings ARM64-COW-BUG
\ No newline at end of file
+# ignore-warnings ARM64-COW-BUG
diff --git a/plugins/OAuth2/bin/install.sh b/plugins/OAuth2/bin/install.sh
index e5e09acd06..ee55a838b2 100755
--- a/plugins/OAuth2/bin/install.sh
+++ b/plugins/OAuth2/bin/install.sh
@@ -9,6 +9,7 @@ if [ ! -f private.key ]; then
     openssl rsa -in private.key -pubout -out public.key
 
     chown www-data:www-data private.key public.key
+    chmod 600 private.key public.key
 else
     echo "Keys exist, nothing to do"
 fi