Memcache: default binding to world

memcache is currently configured to listen to 0.0.0.0. Binding to world (0.0.0.0) can be dangerous in cases where the hosting machine is exposed, and in general it indicates a non-minimal security posture which can cause other unexpected exposures.

Problem

In memcached.conf:

-l 0.0.0.0

Fix

In memcached.conf, bind to localhost:

-l 127.0.0.1

Or if you have a specific address, bind it explicitly.

See

Memcache default listen to world bug
Serverfault: listen to specific addresses

Updated about 2 months ago