Memcached is an open-source distributed memory object caching program that allows us to improve and speed up the performance of dynamic web applications by caching data and objects in Memory.

Memcached is also used to cache entire database tables and queries to improve the performance of the database. It is the only caching system available freely and used by many big sites like YouTube, Facebook, Twitter, Reddit, Drupal, Zynga, etc.

Memcached can commit to denial of service attacks if not correctly configured. In this article, we will explain how to install and secure your Memcached server on RHEL-based Linux distributions such as Rocky Linux, AlmaLinux, and Fedora.

Installing Memcached in Linux

First, update your local software package index and then install Memcached from the official repositories using the following yum commands as root administrative user.

yum update
yum install memcached
Install Memcached in RHEL 9
Install Memcached in RHEL 9

Next, we will install libmemcached – a client library that offers a couple of tools to manage your Memcached server.

yum install libmemcached
Install libmemcached in RHEL
Install libmemcached in RHEL

Memcached should now be installed on your system as a service, along with the tools that require you to test its connectivity. Now we can proceed further to secure its configuration settings.

Securing Memcached Configuration Settings

To make assure that the installed Memcached service is listening on the 127.0.0.1 local interface, we will alter the OPTIONS variable in the /etc/sysconfig/memcached configuration file.

vi /etc/sysconfig/memcached

Search for the OPTIONS variable, and add the -l 127.0.0.1,::1 to OPTIONS variable. These configuration settings will protect our server from denial-of-service attacks.

/etc/sysconfig/memcached
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="-l 127.0.0.1,::1"
Secure Memcached in RHEL
Secure Memcached in RHEL

Let’s discuss each of the above parameters in detail.

  • PORT : The port used by Memcached to run.
  • USER : The start-up daemon for the Memcached service.
  • MAXCONN : The value used to set max simultaneous connections to 1024. For busy web servers, you can increase to any number based on your requirements.
  • CACHESIZE : Set cache size memory to 2048. For busy servers, you can increase up to 4GB.
  • OPTIONS : Set the IP address of the server, so that Apache or Nginx web servers can connect to it.

Restart and enable your Memcached service to apply your configuration changes.

systemctl restart memcached
systemctl enable memcached

Once started, you can confirm that your Memcached service is bound to the local interface and listening only on TCP connections using following netstat command.

netstat -plunt
Check Memcached Server
Check Memcached Server

You can also check the status of the server using the memcached-tool as shown.

memcached-tool 127.0.0.1 stats
Check Memcached Running Status
Check Memcached Running Status

Now make sure to allow access to the Memcached server by opening a port 11211 on your firewall as shown.

firewall-cmd --permanent --zone=public --add-port=11211/tcp

Test Memcached Installation

To verify that Memcached is working properly, you can connect to it using the telnet command.

telnet localhost 11211

If the connection is successful, you’ll see a prompt similar to this:

Test Memcached Server
Test Memcached Server

Install Memcached PHP Extension

To install the Memcached PHP extension and integrate it with Perl, Python, Apache, and Nginx on a Linux system, you’ll need to follow specific steps for each component.

For PHP:

yum install php-memcached

You may need to restart Apache, Nginx, or PHP-FPM after installation:

systemctl restart httpd   
systemctl restart nginx
systemctl restart php-fpm 

For Perl:

yum install perl-Cache-Memcached

For Python:

yum install python3-memcached

Once installed, configure your PHP, Perl, or Python applications to utilize Memcached for caching. This involves modifying application code to connect to the Memcached server and store/retrieve cached data.

Conclusion

In this article, we have explained how to install and secure your Memcached server for the local network interface, aiming to optimize the performance of dynamic web applications by reducing database load through efficient caching.

If you have faced any issues during installation, do ask for help in our comment section below.

Similar Posts