Normally the answer to question is to set:
bindIp: 127.0.0.1
I have this set in /etc/mongod.conf. Unfortunately I am still allowed access to this database remotely. I have restarted the Mongo service a couple times, to no avail.
Does anyone have an idea as to why my database is still accessible remotely?
I'm using MongoDB version 3.0.9
Remoting in to mongod clients using bindIp = 127.0.0.1 is possible through an SSH tunnel because the shell session is seen as 127.0.0.1.
Enabling bind_ip = 127.0.0.1 should be sufficient. Restart MongoDB server after the changes are done.
References:
http://greenwireit.com/it-tech-support-articles/enable-remote-access-default-mongodb-installation/
https://www.mkyong.com/mongodb/mongodb-allow-remote-access/
http://wptrafficanalyzer.in/blog/enabling-and-disabling-remote-access-to-a-mongodb-server/
Perhaps you must specify the mongodb.conf file when loading your mongod instance. Like so:
mongod --fork --config /etc/mongodb.conf --logpath mongodblogs/mongodb.log --dbpath mongod
This is best variant in security aspect:
su <NOTROOTUSER>
mongod --dbpath data --bind_ip localhost
Create new user on you server then log in.
Root is not recommended for running mongo server.
I installed MongoDB 3.2.4 on CentOS 7. I keep the default configure except comment the bindIp: 127.0.0.1 to access the db via 3T MongoChef 3.4.1 from local machine.
I create two new users for db admin. One is root and one is userAdmin.
I tried to access the db via 3T MongoChef but failed. If I leave the Authentication none, I would get this:
But if I set it :
then I get:
I have no idea how to fix this. Please help.
It seems like commenting the bindIp out is not enough to change the allowed inbound connections for mongod. Try to change it to 0.0.0.0 instead.
Also, check this post out: mongodb.conf bind_ip = 127.0.0.1 does not work but 0.0.0.0 works
Regards
In the production environment, lock the IP down to white list server and don't open up using `
0.0.0.0
To Whitelist IPs, modify the mongod.conf
vim /etc/mongod.conf
Add the IPs in the following format
[x.x.x.x,x.x.x.x]
Ex.
Save and cycle the Mongod
In RHEL;
systemctl restart mongod
I really tried, even reinstall the MongoDB.
And it's the same to MongoDB bind_ip error: bind() failed errno:99 Cannot assign requested address for socket
It works if set bind_ip to: 0.0.0.0, or 127.0.0.1
$ sudo service mongod start
mongod start/running, process 30040
$ sudo service mongod restart
mongod stop/waiting
mongod start/running, process 29704
$ mongo --port 19708
MongoDB shell version: 3.0.3
connecting to: 127.0.0.1:19708/test
>
It won't work if set bing_ip to: 127.0.0.1,192.118.96.10,42.112.36.110
$ sudo service mongod start
mongod start/running, process 29969
$ sudo service mongod restart
stop: Unknown instance:
mongod start/running, process 29766
$ mongo --port 19708
MongoDB shell version: 3.0.3
connecting to: 127.0.0.1:19708/test
2015-06-17T06:32:34.625+0000 W NETWORK Failed to connect to 127.0.0.1:19708
reason: errno:111 Connection refused
2015-06-17T06:32:34.627+0000 E QUERY
Error: couldn't connect to server 127.0.0.1:19708 (127.0.0.1), connection attempt failed
at connect (src/mongo/shell/mongo.js:181:14)
at (connect):1:6 at src/mongo/shell/mongo.js:181
exception: connect failed
locations:
$ which mongod
/usr/bin/mongod
$ which mongo
/usr/bin/mongo
configurations in /etc/mongod.conf
dbpath=/var/lib/mongodb
logpath=/var/log/mongodb/mongod.log
logappend=true
port = 19708
# ips, eg:
# private ip for mongodb server: 192.118.96.10
# public ip for remote app server: 42.112.36.110
bind_ip = 127.0.0.1,192.118.96.10,42.112.36.110
auth = true
Thanks in advance.
Edit: I do not know wether I was simply wrong with my answer or if the behavior of bind_ip was changed, but it is possible to bind to multiple, distinct IPs
bind_ip:127.0.0.1,10.0.0.1,8.8.8.8
So, most likely, one of the IP addresses mongod was assigned to bind to did not exist on the machine in question.
You can bind mongod only to one IP, with 0.0.0.0 being the alias for "listen on all available network interfaces".
So either use
bind_ip=127.0.0.1
to listen to the loop back interface or
bind_ip=<someIP>
to listen to that IP only or
bind_ip=0.0.0.0
to listen to all available IPs on the system.
If you need to listen to several specific IPs, it is very likely that your system design is somehow screwed.
I had the same issue just because of the silly mistake.
There was commented line and space problem.
What I did wrong
# network interfaces
net:
port: 27017
#bindIp: 127.0.0.1
bindIp: privateIp
instead of
net:
port: 27017
bindIp: 10.1.2.4
for bind to multiples ips
bindIp: [127.0.0.1,10.128.0.2]
hopefully this answer helpful for someone.
Mongo 3.6.2 Community
The solution for me was to edit the section of /etc/mongod.conf
# network interfaces
net:
port: 27017
bindIp: 127.0.0.1,192.168.1.240 # No brackets, No spaces, only comma separated
#security
Then save and do this to restart and verify the service:
> service mongod restart
> service mongod status
No failure here, now verify that someone is listening:
> netstat -a |grep :27017
tcp 0 0 yourhostname:27017 0.0.0.0:* LISTEN
tcp 0 0 localhost:27017 0.0.0.0:* LISTEN
Now connect using your favorite Mongo tools or command line.
Some results of different formatting in /etc/mongod.conf
comma and space results in only the first IP being bound.
space only separator results in only the first IP being bound
[ ] surround results in failure to start mongod
I spent hours beating my head against a wall with this issue. Eventually, looking at logs and googling what I found THERE got me somewhere (all I got when googling 'mongo bindIp multipl' (etc) was a load of pages like this one with answers that didn't help).
First, the block in /etc/mongod.conf that worked for me was:
# network interfaces
net:
port: 27017
bindIp: 127.0.0.1,172.16.1.2
No spaces, no quotes, no brackets... but even with it correct restarting mongodb gave an error and then it refused to start. I spent hours trying various other configurations that were incorrect (which is frustrating since the correctness of this line did not actually solve the problem and I was unaware that there was another).
I was able to solve it by deleting the mongodb socket file:
rm /etc/mongodb-27017.sock
After this, running
systemctl restart mongod
worked without errors. The interesting thing (part of what made it really frustrating) was that during the trial and error process if I set the bindIP back to just 127.0.0.1 and restarted mongod it worked, which made me think that that line was ok and the problems were with the alternative entries/syntax I was trying. (My best guess is that something in the socket file references the ips? I'm unfamiliar with that element of coding.)
After deleting the socket I was then able to shell into mongo like so (options required with authentication enabled):
mongo -u admin -p password --authenticationDatabase "admin")
which establishes that the 127.0.0.1 works and also to connect from my remote app (in my current scenario the nodebb testing instance I am setting up).
In my case, none of the options above worked. The specification that finally worked for me was:
bind_ip= [<IP_one> <IP_two>]
An example could be:
bind_ip= [127.0.0.1 10.0.0.4]
(Notice that there is no comma between the two directions)
I have MongoDB 2.6.10 on Ubuntu 16.4.5 (LTS)
The documentation said
"You may concatenate a list of comma separated values to bind mongod to multiple IP addresses."
So, it's not true...
I had same problem with AWS EC2 Ubuntu 20. This problem got solved by placing Private IPv4 addresses instead of Public IPv4 address.
Hey I am using MongoDB shell version: 3.2.6 .
bindIP = 127.0.0.1,192.168.0.50
bindIP = [127.0.0.1,192.168.0.50]
bind_ip = 192.168.6.38
not working , i have edited mongod.conf using this command
sudo -i gedit /etc/mongod.conf file
And Changed bind_ip = 0.0.0.0 to bind_ip = 192.168.6.38 it working fine ....
Using MongoDB 4.0.5:
For me the following worked:
bindIp=[127.0.0.1,11.22.33.44]
And then I switched on Auth:
security:
authorization: "enabled"
Restarting mongod (on Ubuntu 18.04) gave an error:
Scalar option 'net.bindIp' must be a single value
Therefore I had to do the bindIp: 0.0.0.0.
Maybe somebody has a clue how to combine bindIp and Security
This is a notation that only works on Ubuntu: (watch out on spaces, symbols)
bind_ip=[127.0.0.1,22.33.44.99,88.77.55.66]
22.33.44.99 - my static ip of server, 88.77.55.66 - my static ip of laptop. That gave me an opportunity to access to mongodb out from internet. Don't forget to add a rule - open port 27017 to ufw.
work for me for ubuntu 18 and the mongo --version 4.x.xx:
1 - in etc/mongod.conf -net add
bindIp: "127.0.0.1,0.0.0.0"
2 - then use pm2:
sudo apt-get update
sudo apt-get pm2
3 - start the pm2 service to the mongod
pm2 start mongod
PD: you need to erase 0.0.0.0 in production scenario
What got me is that I thought that I needed to list IP addresses of other machines that could access the DB. This is not the case. You just need to list IP addresses of the serer that runs mongoDB. For me after changing from:
bindIp: localhost
To:
bindIp: localhost,127.0.0.1,<actual IP of my server>
Then I could access MongoDB from other machines in my network. I just wasn't thinking about this the right way. Posting this here in case others have the same brain fart as me.
In my case
OS: Windows 8 (MongoDB) OS: Raspbian Linux (Client)
Tried all methods, below configuration worked for me
Updating mongod.conf file as
bindIp: 0.0.0.0
Opening firewall port in DB machine windows, don't skip this.
https://www.windowscentral.com/how-open-port-windows-firewall
work for me for ubuntu 18 and the mongo --version 4.x.xx:
1 - in etc/mongod.conf -net add
bindIp: "127.0.0.1,0.0.0.0"
2 - then use pm2:
sudo apt-get update
sudo apt-get pm2
3 - start the pm2 service to the mongod
pm2 start mongod
PD: you need to erase 0.0.0.0 in production scenario
UPDATED:
I just start to deal with a new VPS and i am trying to connect its port 27017 (mongodb database) from localhost (using robomongo).
It's working on my localhost machine and with another remote server, but i can't connect mongodb on this VPS, what could cause this issue ?
I start it this way:
mongod --setParameter enableLocalhostAuthBypass=0 --config /etc/mongodb.conf --fork
with the auth = true uncommented in the /etc/mongodb.conf file (but it looks like the issue is not that i can't auth but mongodb is not responding at all).
When i start mongo admin -u root -p root by being connected with SSH, it works great (i can connect my database) and i can see that mongodb is well listenning on the port 27017.
But when i try to access it from my local machine, it can't establish the connection, and if i try to connect it with my browser, i am supposed to get a mongodb error message: You are trying to access MongoDB on the native driver port. For http diagnostic access, add 1000 to the port number but i don't, i just have a failure page with Chrome (and the port 28017 is not responding either).
How to solve this ? My VPS is brand new and i could need to install more packages but i really don't see what could be need for this, it also looks like a firewall issue, like something prevent mongodb and response before the request could reach it, i have juste installed apache2 and nginx and they are not running so i really don't see...
Ok, I have found the issue!
There is a line bind_ip 127.0.0.1 in the /etc/mongod.conf file.
It provides access only to the specified IP address to mongodb.
You should create an array of IPs and edit the config file as:
bind_ip [127.0.0.1, x.x.x.x, ...]
Where x.x.x.x is your IP.
i resolved this issue with file(/etc/mongod.conf)
commenting out as follows:
#bindIp: 127.0.0.1 # Listen to local interface only, comment to listen on all interfaces.
I've installed mongodb on Linux(CenOS) server as it's written in docs. But still remote access is impossible (although conecting from mongo shell locally is ok). Can someone provide docs on proper configuring of mongodb?
Thank you in advance!
Source: MongoDb setup config to connect by remote hosts
On ubuntu:
root#debian:$ sudo nano /etc/mongodb.conf
Make sure you have the following lines
bind_ip = 0.0.0.0
port = 27017
root#debian:$ /etc/init.d/mongodb restart
Either running behind a firewall or mongod is bound to localhost only (use --bind-ip option to configure the IP address if necessary).