To allow only the IP addresses that you know to connect to Memcached service, create the iptable rules like these and save it:
iptables -I INPUT -p tcp --dport 11211 -s IPADDRESS -j ACCEPT iptables -I INPUT -p tcp --dport 11211 -s 127.0.0.1 -j ACCEPT iptables -A INPUT -p tcp --dport 11211 -j DROP iptables-save
You can test it by running telnet from other servers to see if it is activated:
telnet IPADDRESS 11211
To check status and then quit:
Make sure you configure MemCached to listen to the IP address of the server it is on, for example:
or in CentOS:
You will find the line like this:
0.0.0.0 means it listens to any ip address on the server.
Change it to 127.0.0.1 if you only wants connections from the local server itself.