How to disable remote connections to MongoDB? - mongodb

Normally the answer to question is to set:
bindIp: 127.0.0.1
I have this set in /etc/mongod.conf. Unfortunately I am still allowed access to this database remotely. I have restarted the Mongo service a couple times, to no avail.
Does anyone have an idea as to why my database is still accessible remotely?
I'm using MongoDB version 3.0.9

Remoting in to mongod clients using bindIp = 127.0.0.1 is possible through an SSH tunnel because the shell session is seen as 127.0.0.1.

Enabling bind_ip = 127.0.0.1 should be sufficient. Restart MongoDB server after the changes are done.
References:
http://greenwireit.com/it-tech-support-articles/enable-remote-access-default-mongodb-installation/
https://www.mkyong.com/mongodb/mongodb-allow-remote-access/
http://wptrafficanalyzer.in/blog/enabling-and-disabling-remote-access-to-a-mongodb-server/

Perhaps you must specify the mongodb.conf file when loading your mongod instance. Like so:
mongod --fork --config /etc/mongodb.conf --logpath mongodblogs/mongodb.log --dbpath mongod

This is best variant in security aspect:
su <NOTROOTUSER>
mongod --dbpath data --bind_ip localhost
Create new user on you server then log in.
Root is not recommended for running mongo server.

Related

MongoDB - startup automatically with right config on different ports

I have two mongoDBs running on port 27017 and 27018 and now it happened twice, that someone patched the server (Red Hat Enterprise Linux Server release 7.8 Maipo ) and the configuration of mongodb has been lost, so I had to fix it manually by
mongod -port 27017 -config /etc/mongod.conf
mongod -port 27018 -config /etc/mongod_second.conf
Can you tell me who is responsible for that issue, so that this configuration is set automatically?
Do I need to
enable the mongod as a service, so it start up with the right configuration after every patch of the server?
an sudo systemctl enable mongod is not working for me
or
tell the admin who is patching the server to run this mongod -port 27018 - config ... everytime he is restarting the server
Thanks for your help
MongoDB provides installation instructions. Follow them to get the database properly installed. Then edit the configuration file instead of passing arguments when starting mongod.

Unable to connect to MongDB through IP address

I have installed MongoDb 4.0 on Windows 10. MongoDB currently runs on 'localhost'. I am able to connect to MongoDB by using 'mongodb://localhost:27017' in my nodeJS. However, I have a need to access this MondoDB instance through IP address. So, if I access MondoDB using mongodb://193.168.16.1:27017, then I am not able to connect to it. I tried to connect through MongoDB atlas, but I am having the same problem.
I have gone through the following threads on stackoverflow before posting it here.
Bind MongoDB to IP address when running as Service
Windows mongodb server bind_ip configuration
I have already tried to change the bindIp in mongod.cfg with the following values, with no success. I restarted 'MongoDB server' service after making these changes.I have also enabled all connections on port 27017 in windows firewall
bindIpAll: true #no success
bindIp: 127.0.0.1,193.168.16.1 #no success
bindIp: 193.168.16.1 #no success
bindIp: 0.0.0.0 #no success
I think you need to start your mongodb server something like this,
mongod --bind_ip 0.0.0.0 -v
And now you will be able to connect to mongodb using ipAddress.
Firstly please kill MongoDB and run this:
mongod --bind_ip 0.0.0.0 -v
Then as you want to connect through IP so run this command:
mongo --host 193.168.16.1 --verbose
Hope this will solve your problem...
None of the above suggestions worked for me. One of the combinations that worked for me is as follows
bindIp: 0.0.0.0,192.168.16.1
I am not sure why other combinations are not working. It could possibly be due to some issue with the MogoDb service, because I had to restart the service twice to get it working.
For me, it was not reading the config file until I removed the service and created it again specifying the configuration file path.
mongod --remove
"C:\Program Files\MongoDB\Server\4.0\bin\mongod.exe" --config "C:\Program Files\MongoDB\Server\4.0\bin\mongod.cfg" --service
I had to comment #mp: at the end of the configuration file before I could run the service.

MongoDB: Custom Port & DB Path Not Working

I have a new MongoDB server that I want to run with a custom port + db path.
I made these edit in my /etc/mongod.conf:
port = 53214
dbpath=/var/lib/mongodb
I can confirm the dbpath exists and is owned by the mongodb user.
But, when I try to start mongod (service mongod start), it wants to use port 27017 and dbpath /data/db.
I tried deleting mongod.lock in /var/lib/mongodb, but that didn't help.
My question:
Do I have to manually pass these parameters each time I start mongod?
mongod --dbpath /var/lib/mongodb --port 53214
If so, what's the point of the config file?
It turns out you need to pass in the config file, like this:
mongod --config /etc/mongod.conf

Mongodb can't connect to localhost but can connect to localhost's IP address

If I try to run mongodb shell with the mongo command alone, I get:
Error: couldn't connect to server 127.0.0.1 shell/mongo.js:84
exception: connect failed
However, if I stipulate localhost's LAN IP address like this:
mongo 10.10.5.90
...it connects fine.
Any clues??
Do you have a bind_ip set in your mongodb.conf (or startup script)? edit for clarity A bind_ip setting limits the IP it will listen on to that IP only.
See the IP Address Binding section: http://www.mongodb.org/display/DOCS/Security+and+Authentication
If not, do you have any firewall rules blocking the localhost access? That would be kind of strange, but I can't think of another reason why it wouldn't work while the LAN IP would work.
This error could also appear if mongodb was not properly shutdown. If you type sudo start mongodb and if it gives a new process id on every execution then your mongodb was not properly shutdown. To resolve this type
sudo rm /var/lib/mongodb/mongod.lock
sudo -u mongodb mongod -f /etc/mongodb.conf --repair
sudo start mongodb
Just follow all these steps to solve this problem
Step 1: Remove lock file.
sudo rm /var/lib/mongodb/mongod.lock
Step 2: Repair mongodb.
mongod --repair
Step 3: start mongodb.
sudo start mongodb
or
sudo service mongodb start
Step 4: Check status of mongodb.
sudo status mongodb
or
sudo service mongodb status
Step 5: Start mongo console.
mongo
I added localhost along with the ip I had in bind_ip while starting mongo and it solved my problem, for example:
bin/mongod --dbpath data --logpath mongo.log --fork --bind_ip localhost,10.100.1.2
For people using MongoDB Compass on VMWare windows:
C:\Program Files\MongoDB\Server\5.0\bin by default is the Mongo server directory. You can change bindIp and port in mongod.cfg
Also make sure to check if the mongo server service is running:
win + r > services.msc > MongoDB Server (MongoDB) > Rightclick > Start.
Should save some time, hope it helps.
Edit your mongod.conf as follow
bindIp: 0.0.0.0,localhost
It works for me.

mongodb + remote access

I've installed mongodb on Linux(CenOS) server as it's written in docs. But still remote access is impossible (although conecting from mongo shell locally is ok). Can someone provide docs on proper configuring of mongodb?
Thank you in advance!
Source: MongoDb setup config to connect by remote hosts
On ubuntu:
root#debian:$ sudo nano /etc/mongodb.conf
Make sure you have the following lines
bind_ip = 0.0.0.0
port = 27017
root#debian:$ /etc/init.d/mongodb restart
Either running behind a firewall or mongod is bound to localhost only (use --bind-ip option to configure the IP address if necessary).