28 Feb
2018
28 Feb
'18
2:55 p.m.
Apparently, a bug in memcached (which we use in Koha) causes it to be used an intermediary in a DDoS attack: https://arstechnica.com/information-technology/2018/02/in-the-wild-ddoses-us... I'm not an expert on this kind of thing by any means, but judging from this: https://github.com/memcached/memcached/wiki/ReleaseNotes156 It seems that we can disable the attack by preventing memcached from listening on a UDP port. I was able to do this by adding the following lines to /etc/memcached.conf: # Disable UDP -U 0 Then restarted memcached and apache2. My questions for the experts: Is this the correct approach? Is it even necessary? Is there more we should do?