WEB General
  • Introduction
  • JWT vs Session
  • Stream & Multipart
  • Digital Ocean - steps
  • Security - SSH/firewall/VPN
  • Security - MongoDB
  • Security - XSS|CSRF
  • MISC
  • STACK = websocket & socketIO
  • STACK = FE Glossary
  • STACK = BE Glossary
  • STACK = Security Glossary
  • websocket
Powered by GitBook
On this page

Was this helpful?

Security - MongoDB

PreviousSecurity - SSH/firewall/VPNNextSecurity - XSS|CSRF

Last updated 5 years ago

Was this helpful?

versions >= 2.6.0

Set by a config file, binds DB to 127.0.0.1 by default. The DB will only listen to local connections.

version < 2.6.0

By default, MongoDB was left open to remote connections. Authentication is also not required by default.

https://snyk.io/blog/mongodb-hack-and-secure-defaults/
https://docs.mongodb.com/manual/security/