CentOS memcached listen on localhost only

From snippet wiki
Jump to navigation Jump to search

By default the memcached daemon listens on any interface and might be accessible from the internet. You can test this by running: 

# netstat -an|grep 11211
tcp        0      0 0.0.0.0:11211             0.0.0.0:*                   LISTEN      
udp        0      0 0.0.0.0:11211             0.0.0.0:*

To secure that, edit the file in /etc/sysconfig/memcached and add to the OPTIONS line: 

OPTIONS="-l 127.0.0.1"

And restart the service: 

# /etc/init.d/memcached restart
Stopping memcached:                                        [  OK  ]
Starting memcached:                                        [  OK  ]

Have a new try on looking for the listening interface ports: 

# netstat -an|grep 11211
tcp        0      0 127.0.0.1:11211             0.0.0.0:*                   LISTEN      
udp        0      0 127.0.0.1:11211             0.0.0.0:*

That is the result you want.

Retrieved from "http://snippet.wiki/w/index.php?title=CentOS_memcached_listen_on_localhost_only&oldid=535"