Secure MongoDB

Before running the commands shown on this page, you should load the Bitnami stack environment by executing the installdir/use_APPNAME script (Linux and MacOS) or by clicking the shortcut in the Start Menu under “Start -> Bitnami APPNAME Stack -> Application console” (Windows). On OS X VMs, the installation directory is /opt/bitnami and OS X VM users can click the “Open Terminal” button to run commands. Learn more about the Bitnami stack environment and about OS X VMs.
  • Once you have created a new database and user credentials for your application, connect your applications to the MongoDB server using only that database and credentials.

  • If you don’t need remote access for the database, make the server listen only on the local machine by editing the mongodb.conf file and uncommenting the line below:

  • If you don’t need remote access for the database, make sure the MongoDB server port (usually 27017) is closed. Refer to the FAQ for Windows, Linux and macOS for more information.

  • Don’t forget to change the root user password as explained in this section.

  • It is strongly recommended that you do not have empty passwords for any user accounts when using the server for any production work.

Last modification March 24, 2021