Hacker News

The services discussed - memcached, redis, etc - don't use HTTP. The attack is successful because the protocols follow the robustness principle of 'be liberal in what you accept', and simply ignore the HTTP cruft, but still process the command.

For example:

POST / HTTP/1.1 << Ignored

Host: localhost:6379 << Ignored

SET abc 123 << Processed

QUIT << Processed
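
An added illustration, not part of the comment above and not code from Redis or memcached: a toy line-based server (the names `ToyStore` and `SAMPLE` are hypothetical) that handles the quoted request first leniently, then with a strict policy that drops the connection at the first unrecognised line.

```python
# Constructed sample: the bytes of the request quoted in the comment above.
SAMPLE = (b"POST / HTTP/1.1\r\n"
          b"Host: localhost:6379\r\n"
          b"\r\n"
          b"SET abc 123\r\n"
          b"QUIT\r\n")


class ToyStore:
    """Minimal line-oriented key/value server (illustrative only)."""

    def __init__(self, strict):
        self.strict = strict   # True: close the connection on any bad line
        self.data = {}

    def handle(self, stream):
        """Process one connection's bytes; return (line, outcome) pairs."""
        log = []
        for raw in stream.split(b"\r\n"):
            line = raw.decode("latin-1").strip()
            if not line:
                continue
            parts = line.split()
            verb, args = parts[0].upper(), parts[1:]
            if verb == "SET" and len(args) == 2:
                self.data[args[0]] = args[1]
                log.append((line, "processed"))
            elif verb == "QUIT" and not args:
                log.append((line, "processed"))
                break
            elif self.strict:
                # Unknown input means the peer is not speaking our protocol:
                # stop reading so later lines are never executed.
                log.append((line, "connection closed"))
                break
            else:
                # Lenient behaviour: skip the line and keep reading.
                log.append((line, "ignored"))
        return log


if __name__ == "__main__":
    for strict in (False, True):
        store = ToyStore(strict)
        print("strict" if strict else "lenient", store.handle(SAMPLE), store.data)
```

In lenient mode the two HTTP lines are skipped and `SET abc 123` still changes state; in strict mode the connection ends at `POST / HTTP/1.1` and nothing is written.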



