Secure your MongoDB Server

Description:

MongoDB is a free cross-platform document-oriented database. When this service is running and accessible on the internet, it is exposed to scans or intrusion attempts which could generate system information disclosure or data leaks. Therefore it is important to enable the authentication and restrict the access to this service.

Recommendations

In order to secure your infrastructure, specifically the MongoDB service, we suggest that you:

• Enable the authentication. Follow the instructions described in this documentation http://docs.mongodb.org/manual/core/authentication/.
• Restrict MongoDB access to localhost only by adding the following line into mongodb.conf:

 bind_ip = 127.0.0.1

• Add firewall rules to allow trusted connections (such as localhost or other known and trusted networks) and block other incoming connections to your server's port 27017 from the Internet.  (see details about the default ports used by MongoDB  http://docs.mongodb.org/manual/reference/default-mongodb-port/)

You will also find additional recommandations to secure your MongoDB server in the official website https://www.mongodb.com/blog/post/july-mongodb-security-best-practices and http://docs.mongodb.org/manual/security/

External references:

• https://www.mongodb.org/
• https://www.shadowserver.org/wiki/pmwiki.php/Services/Open-MongoDB
• https://www.mongodb.com/blog/post/july-mongodb-security-best-practices
• https://kromtech.com/blog/security-center/how-long-does-it-take-for-a-mongodb-to-be-compromised