Enabling security by default

Every database, other than maybe local development servers, should be set up with the following in the mongod.conf file:

auth = true

SSL should always be enabled, as described in Chapter 7, Monitoring, Backup and Security.

REST and HTTP status interfaces should be disabled by adding the following lines in mongod.conf:

nohttpinterface = true
rest = false

Access should be restricted to traffic between application servers and MongoDB servers, and only on the interfaces that are needed. Using bind_ip, we can force MongoDB to listen on specific interfaces instead of its default behavior of binding to every available interface:

bind_ip = 10.10.0.10,10.10.0.20
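
The settings above can be checked mechanically. The following audit script is an added example, not code from the book: it parses a legacy key = value mongod.conf and reports deviations from the four settings listed here. The function names and sample files are constructed for illustration; a missing key is treated as a finding, and SSL is not checked because this page gives no setting for it.

```python
# Added example: audit a legacy "key = value" mongod.conf against the baseline above.
# Assumption: a missing key counts as a finding, since the text asks for each line.
REQUIRED = {"auth": "true", "nohttpinterface": "true", "rest": "false"}
WILDCARDS = {"0.0.0.0", "::"}  # addresses that mean "every interface"

def parse_conf(text):
    """Parse 'key = value' lines, ignoring blanks and # comments."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip()
    return settings

def audit(text):
    """Return a list of findings; an empty list means the baseline is met."""
    conf = parse_conf(text)
    findings = []
    for key, want in REQUIRED.items():
        got = conf.get(key)
        if got is None:
            findings.append(f"{key}: not set (expected {want})")
        elif got.lower() != want:
            findings.append(f"{key}: is {got} (expected {want})")
    bind = conf.get("bind_ip")
    if bind is None:
        findings.append("bind_ip: not set, listens on every interface")
    else:
        for addr in (a.strip() for a in bind.split(",")):
            if addr in WILDCARDS:
                findings.append(f"bind_ip: {addr} is a wildcard address")
    return findings

# Constructed sample inputs (not from a real deployment).
HARDENED = """auth = true
nohttpinterface = true
rest = false
bind_ip = 10.10.0.10,10.10.0.20
"""
WEAK = """# auth = true
rest = true
bind_ip = 0.0.0.0
"""

if __name__ == "__main__":
    for name, sample in (("hardened", HARDENED), ("weak", WEAK)):
        print(name, audit(sample) or "OK")
```

A commented-out line such as `# auth = true` is reported as not set, which is the case a visual review of the file most easily misses.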