Memcached security (4 posts)

  1. SIlvaCosta
    Posted 2 years ago #

    Hi all

    Do you belive that there is any security issue with using memcached in a shared environment?

    I mean, since all the users can have access to memcached, wont there some wise guys that will access it to see the other users info? Or even 2 or more wordpress installations conflicting

  2. Hubert Nguyen
    Posted 2 years ago #

    1/ if you use your memcached locally (localhost), you may be able to close the port to external IPs addresses (non-localhost).

    2/ If you have a separate memcached server, you can authorize access from your wordpress machine only by blocking other incoming IPs.

    If you have more than one WP install, you may be able to run one instance of Memcached per WP site on different ports

  3. SIlvaCosta
    Posted 2 years ago #

    But someone can easily see a patern in the ports and try and access others information (quite easy) :\

  4. Hubert Nguyen
    Posted 1 year ago #

    If you have security groups, they shouldn't be able to access your memcached instances

Topic Closed

This topic has been closed to new replies.

About this Topic