Memcached is an open source distributed memory object caching program that allows users to cache data and objects in memory to improve and speed up the performance of dynamic Web applications. Memcached is also used to cache entire data tables and queries to improve database performance. Memcached is a free caching system used by many large websites.

Memcached configuration errors may cause denial of service attacks. In this article, I share how to install and secure a Memcached server on RHEL-based Linux distributions such as Rocky Linux, AlmaLinux, and Fedora.

First, update the local package index and install Memcached from the official repository using the yum command as root admin user:

yum update

yum install memcached

Then install libmemcached, a client library that provides tools to manage the Memcached server.

yum install libmemcached

memcached can currently be installed on your system as a server, and installation requires tools to test its connectivity. You can further protect its configuration Settings. To ensure that the installed memcached service is listening to the local interface 127.0.0.1, change the variable /etc/sysconfig/memcached in the OPTIONS configuration file.

vi /etc/sysconfig/memcached

Search for the OPTIONS variable and will add -l 127.0.0.1,::1 to the OPTIONS variable. These configuration Settings will protect our servers from denial of service attacks.

PORT="11211"

USER="memcached"

MAXCONN="1024"

CACHESIZE="64"OPTIONS="-l 127.0.0.1,::1"

Memcached runs on PORT and its service startup daemon is USER. The maximum number of simultaneous connections can be set to 1024 using MAXCONN and can be increased on demand for busy Web servers. Cache size Memory can be set to 2048MB by CACHESIZE, expandable up to 4GB for high-load servers. OPTIONS is used to configure the server IP address to ensure that the Apache or Nginx Web server can connect to Memcached.

Restart and enable the Memcached service to apply the configuration changes.

systemctl restart memcached

systemctl enable memcached

Once started, use the netstat command to verify that the Memcached service is bound to the local interface and listens only for TCP connections.

netstat -plunt

You can use Memcached-tool to check the status of the server:

memcached-tool 127.0.0.1 stats

You should ensure that you open the firewall port to allow the Memcached server to:

firewall-cmd --permanent --zone=public --add-port=11211/tcp

To test the installation of Memcached, connect using the telnet command:

telnet localhost 11211

Install the Memcached PHP extension and integrate it with Perl, Python, Apache, and Nginx, for PHP:

yum install php-memcached

You may need to restart Apache, Nginx, or PHP-FPM after installation:

ystemctl restart httpd   

systemctl restart nginx

systemctl restart php-fpm

For Perl:

yum install perl-Cache-Memcached

For Python:

yum install python3-memcached

After installation, configure your PHP, Perl, or Python applications to take advantage of Memcached. This involves modifying the application code to connect to the Memcached server and store/retrieve cached data.

This is how to install a local interface to protect the Memcached server, which can reduce the database load and optimize the performance of dynamic web applications with efficient caching.