Security Issue: Memcached

pdvyas · January 20, 2015, 7:38am

Dear Community,

As per default configuration, memcached on CentOS 6 and CentOS 7 listens on all IPs and thus is accessible from outside if your server’s firewall is not restrictive by default.

You can secure memcached by editing the file /etc/sysconfig/memcached and replacing the line

OPTIONS=""

with

OPTIONS="-l 127.0.0.1"

Then restart memcached,

service memcached restart

New installations will configure memcached to listen on only localhost.

jagular · January 20, 2015, 10:43am

Sugestion: please add new category Security and tag this kind of posts.
Is nice practice pinn it globally, but is only temporary solution.
Then most of the security post stay in grey …
I hope, this can improve the transparency of detected problems …

pdvyas · January 20, 2015, 11:48am

@jagular Done! Thanks

System19 · January 21, 2015, 9:29pm

Excellent idea jagular. Thank you for the memcached info pdvyas.