Simple ways to secure MongoDB
MongoDB does not come with security by default. As opposed to traditional SQL databases, MongoDB typically stores a lot more data. MongoDB databases are accessible over the internet by default without requiring credentials initially. For years MongoDB has been plagued by security shortcomings, much like other NoSQL database systems. Here we are going to discuss the security steps that can be taken to overcome this issue. VPSie makes it easy to install mongodb in just a few clicks JOIN US , follow the article to learn more about the process.
During this tutorial, we will demonstrate how to secure the MongoDB server,
Secure MongoDB
The first step is to launch the Mongo client. Linux users can run Mongo Put in this paragraph, replacing the placeholders with your own data.
Next creates the user, For example : john in the admin database with the user, Admin, AnyDatabase role:
db.createUser({user:"John",pwd:"MyPassword", roles:[{role:"userorAdminorAnyDatabase",db:"admin"}]})
Sample Output
db.createUser({ user: "John", pwd: "MyPASSWORD", roles: [ { role: "userorAdminorAnyDatabase", db: "admin" } ] });
You can now exit the mongo client and edit your MongoDB configuration file. In the following commands, you will find it depending on your operating system and distribution.
/etc/mongodb.conf /etc/mongod.conf
Please change the line, “security” : to the following:
security: authorization: enabled
We recommend setting the bind port to localhost (127.0.0.1) or to a private IP address that will not be exposed to the internet.
Basically, you shouldn’t publish your database on the internet.
# network interfaces net: port: 27017 bindIp: 127.0.0.1
Restart your MongoDB database. Your Linux distro will determine which command you should run.
systemctl restart mongodb systemctl restart mongodb
we hope that this article has provided you with more information.
Get the most out of learning with VPSie.com