How to listen only to localhost on MongoDB
Solution 1
Add the following line into mongodb.conf
:
bind_ip = 127.0.0.1
As @Josh Rickard stated in comments: don't forget to restart the process after updating the config file:
service mongodb restart
Solution 2
As Andreas mentioned in a round-about way:
mongod --bind_ip 127.0.0.1
Solution 3
Note that although it didn't appear in the documentation last time I checked, you can also put this setting in the .conf file (vs. command line).
No setting = bind to all ips.
Solution 4
No one mentioned the location of the mongodb.conf
file which is /etc/mongodb.conf
. Double check before running the following commands.
echo "bind_ip = 127.0.0.1" >> /etc/mongodb.conf
service mongodb restart
Stephen
Updated on June 04, 2021Comments
-
Stephen almost 3 years
MongoDB Suggests that the easy way to handle security is to run it in a trusted environment, given that, "in such a configuration, one must be sure only trusted machines can access database TCP ports."
What would be the best approach for doing this? Is there a way for mongodb to natively only listen to localhost?
I'm using ubuntu 10.10
-
Josh Rickard over 12 yearsThis worked for me. Don't forget to restart the process after updating the config file:
service mongodb restart
-
Fabrizio Regini almost 12 yearsI wonder why this so vital configuration option is not included among samples in configuration file.
-
OZ_ almost 11 yearsThanks for answer. I'll just leave here this link for those who will look for this info like me: docs.mongodb.org/manual/core/security
-
Thomas Jensen over 10 yearsShouldn't this be a default in mongodb? Is it really true, that new mongodb installs are open to the world without any authentication?
-
Daniel W. over 9 years@ThomasJensen I just installed mongodb from official Debian/Ubuntu source and it is set to localhost by default (now).
-
msteiger over 8 yearsTo add this to the Windows service, you need to edit the registry entry at
[HKLM\SYSTEM\CurrentControlSet\Services\MongoDB]
-
B T over 8 yearsI had also thought mongo is set to localhost only on installation, and that you had to change the configuration if you wanted it otherwise. But I got a message from Digital Ocean saying that one of my servers had an open mongo instance. I can't access the mongo instance from its public IP, so I'm not sure how Digital Ocean accessed it. But they must have, since they only warned me about the instance I had a mongo server running.
-
hzitoun over 6 yearsWith new versions, it was renamed to
/etc/mongod.conf