Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Security in MongoDB: 10 Ways to Compromise Your Database

DZone's Guide to

Security in MongoDB: 10 Ways to Compromise Your Database

· Java Zone
Free Resource

Learn how to troubleshoot and diagnose some of the most common performance issues in Java today. Brought to you in partnership with AppDynamics.

Getting your fancy new MongoDB database up and running won't do you much good if you have major outages or lose all your data. That's why it's important to pay attention to security, so from MongoDB's Andreas Nilsson comes a look at 10 common mistakes that can compromise MongoDB security, in order of severity and frequency:

  1. Directly exposing MongoDB to the internet
  2. No access control
  3. No SSL
  4. Exposed interfaces
  5. Bad user account config
  6. Insecure OS privileges
  7. Insecure replica set keyfile config
  8. Bad SSL config
  9. Unprotected backups
  10. General ignorance

For every point, Nilsson includes a description and a solution to help you keep your data secure. Some are fairly obvious - you don't want to just provide unlimited internet access to your MongoDB servers, for example - while others, such as SSL configuration, may require a bit more thought.

Also, Nilsson published another piece on MongoDB security before this one, and there is still a third part to come. Head over to Nilsson's full article on MongoDB's blog for all the details.


Understand the needs and benefits around implementing the right monitoring solution for a growing containerized market. Brought to you in partnership with AppDynamics.

Topics:

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}