How can I secure an Open Memcached Server?

Memcached is a free & open source, distributed memory object caching system. It is an in-memory key-value store for small chunks of arbitrary data (strings, objects) from results of database calls, API calls, or page rendering.

How to secure Memcached

A Memcached report identifies hosts that have the Memcached key-value store running and accessible on the internet. Since this service does not allow authentication, any entity with access to the Memcached instance has full control over the key-value store, which can be exploited for DDoS attacks.

It's smart to change the firewall settings so that only trustworthy sources can bind to Memcached. The default port for Memcached is 11211/tcp. Once you've set up your firewall, run the following command to see if it's open.


Example of an OpenMemCached Server:

$ sudo nmap -sS -p 11211 -sV ip_address_here
Starting Nmap 6.49BETA4 ( ) at 2015-09-16 15:13 CEST
Nmap scan report for

Host is up (0.0072s latency).
11211/tcp open  memcached Memcached 1.4.4

Service detection performed. Please report any incorrect results at .
Nmap done: 1 IP address (1 host up) scanned in 11.89 seconds


How to close it?


$ sudo ufw deny 11211



$ sudo firewall-cmd --zone=public --permanent --remove-port=11211/tcp
$ sudo firewall-cmd --reload
Have more questions? Submit a request


Article is closed for comments.