How to secure Memcached and ensure its security

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

To allow only the IP addresses that you know to connect to Memcached service, create the iptable rules like these and save it:

iptables -I INPUT -p tcp --dport 11211 -s IPADDRESS -j ACCEPT
iptables -I INPUT -p tcp --dport 11211 -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 11211 -j DROP
iptables-save

You can test it by running telnet from other servers to see if it is activated:
for example

telnet IPADDRESS 11211

To check status and then quit:

stats
quit

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

Make sure you configure MemCached to listen to the IP address of the server it is on, for example:
In Debian:

/etc/memcached.conf

or in CentOS:

/etc/sysconfig/memcached

You will find the line like this:

-l 0.0.0.0

0.0.0.0 means it listens to any ip address on the server.
Change it to 127.0.0.1 if you only wants connections from the local server itself.

Leave a Reply

Your email address will not be published. Required fields are marked *