I am wondering if the vanilla installation of MongoDB on Ubuntu can be accessed by the outside world? I have sensitive information thats being written to the database via Node.js (all running on the same box) and want to make sure it is safe.
I would recommend using UFW - Uncomplicated Firewall
Install UFW and enable, enter:
sudo apt-get install ufw
Check the status:
sudo ufw status verbose
Allow MongoDB and HTTP services (assuming default Mongo port):
sudo ufw allow 27017
sudo ufw allow 80
Enable the firewall:
sudo ufw enable
If you do not need connections from another instance, set the following in the configuration (which is probably the default anyway):
bind_ip = 127.0.0.1
If you need access (for example to connect to the database from your own machine for debugging,...) you can either use an SSH tunnel or set up a firewall rule (if you have a static IP; you'll obviously need to disable bind_ip
).
Firewalling is a good idea in general, but if your service does not need remote connections, simply disable them. And probably use a firewall with default deny.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.