I have not used MongoDB before. After setting everything up, my MongoDB has been hacked for 1 second. Please help me answer my question: "How do I secure my MongoDB?"
CodePudding user response:
Please refer to this answer to get more information about setting authentication on your MongoDB cluster.
CodePudding user response:
To secure MongoDB you need to:
- enable security (in the mongod.conf file),
- create a database user for authentication,
- you can change port 27001 (default) to any port like 27000 (in the mongod.conf file),
- you can add a specific IP address that is allowed to connect to and access your database (in the mongod.conf file).
You need to find mongod.conf and open it (google where mongod.conf is stored on your PC: Windows/Mac/Ubuntu).
security:
  authorization: enabled
Shut down the MongoDB instance on port 27001:
mongo admin --port 27001 --eval 'db.shutdownServer()'
Restart the MongoDB instance with the new configuration:
mongod -f mongod.conf
Create the first user on the admin database with the following:
mongo
use admin
db.createUser({
  user: "USER_NAME_HERE",
  pwd: "PASSWORD_HERE",
  roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
});
Example:
db.createUser({
  user: "AdminUser",
  pwd: "57d49$4eqwe#adb4d",
  roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
});
After that, run the following to check that the user is authenticated.
Syntax: db.auth("USER_NAME_HERE", "PASSWORD_HERE")
db.auth("AdminUser", "57d49$4eqwe#adb4d")
To check users:
db.getUsers()
It will return:
[
  {
    "_id" : "admin.AdminUser",
    "userId" : UUID("31ccb892-d3ef-46b6-8ac1-2e9b5be11892"),
    "user" : "globalAdminUser",
    "db" : "admin",
    "roles" : [
      {
        "role" : "userAdminAnyDatabase",
        "db" : "admin"
      }
    ],
    "mechanisms" : [
      "SCRAM-SHA-1",
      "SCRAM-SHA-256"
    ]
  }
]
Now your database is secured and only authenticated users can access it.
You can connect with mongo using the following:
mongo admin --port 27001 --username 'AdminUser' --password '57d49$4eqwe#adb4d'
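An added example, not part of the answer above and not MongoDB's own tooling: a small Python check that reads a mongod.conf and reports whether the two settings the answer edits there (authorization and the bind address) are actually in effect. The function names and sample configs are constructed for illustration; security.authorization, net.bindIp and net.bindIpAll are the real mongod.conf keys.

```python
import re

def parse_conf(text):
    """Flatten the nested YAML mappings of a mongod.conf into dotted keys.

    Handles only the subset mongod.conf normally uses: nested mappings,
    scalar values and '#' comments (no lists, anchors or multi-line strings).
    """
    flat, stack = {}, []              # stack holds (indent, key) of open sections
    for raw in text.splitlines():
        line = re.sub(r"(^|\s)#.*$", "", raw).rstrip()   # drop comments
        if not line.strip() or ":" not in line:
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        while stack and stack[-1][0] >= indent:
            stack.pop()               # this line is outside the previous section
        value = value.strip().strip("'\"")
        if value:
            flat[".".join([k for _, k in stack] + [key.strip()])] = value
        else:
            stack.append((indent, key.strip()))
    return flat

WILDCARDS = {"0.0.0.0", "::"}         # addresses meaning "every interface"

def audit(text):
    """Return a list of findings for the authorization and bind settings."""
    conf, findings = parse_conf(text), []
    if conf.get("security.authorization") != "enabled":
        findings.append("security.authorization is not 'enabled': no login required")
    binds = {ip.strip() for ip in conf.get("net.bindIp", "").split(",") if ip.strip()}
    if conf.get("net.bindIpAll", "").lower() == "true" or binds & WILDCARDS:
        findings.append("net.bindIp listens on every interface")
    return findings

# Constructed sample configs (not taken from the page).
OPEN = "net:\n  port: 27001\n  bindIp: 0.0.0.0   # all interfaces\n"
HARDENED = ("net:\n  port: 27001\n  bindIp: 127.0.0.1,10.0.0.5\n"
            "security:\n  authorization: enabled\n")
# Indentation lost: 'authorization' becomes a top-level key, not security.authorization.
FLATTENED = "security:\nauthorization: enabled\n"

if __name__ == "__main__":
    for name, conf in [("open", OPEN), ("hardened", HARDENED), ("flattened", FLATTENED)]:
        print(name, audit(conf) or "ok")
```

The flattened case is worth noting when copying config from a web page: YAML nesting is carried by indentation, so `authorization` must be indented under `security:` to count.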