Securing Memcached from UDP attack in Debian and Ubuntu server

[Sandeep B.]

  

In this tutorial we’ll secure Memcached server from UDP attacks in Dwbian and ubuntu servers which are common now a days, if you’re not using firewall and the memcached port is closed for the world you’re safe from this attacks.

If your Memcached server is only used by your local server then add the below line which will disable UDP  and only listen to localhost IP, which will prevent your server from being exposed on the internet by disabling the UDP protocol. UDP Protocol is now old technology which is not required anymore. TCP is more secure and today all are using it with Memcached.

Edit memcached config file :

nano /etc/memcached.conf

Add this line -l 127.0.0.1 -U 0 at the end of the file :

-l 127.0.0.1 -U 0

If your Memcached server is binding with ip, add the following OPTIONS line, which will only disable the UDP protocol:

-l -U 0

After that you need to restart the memcached server  and done.

systemctl restart memcached