Security - MongoDB

https://snyk.io/blog/mongodb-hack-and-secure-defaults/

https://docs.mongodb.com/manual/security/

versions >= 2.6.0

Set by a config file, binds DB to 127.0.0.1 by default. The DB will only listen to local connections.

version < 2.6.0

By default, MongoDB was left open to remote connections. Authentication is also not required by default.

PreviousSecurity - SSH/firewall/VPNNextSecurity - XSS|CSRF

Last updated

Was this helpful?