Databases Reference
In-Depth Information
Other Security Considerations
There are a couple of options besides authentication that should be considered when
locking down a MongoDB instance. First, even when using authentication, the
MongoDB wire protocol is not encrypted. If that is a requirement, consider using SSH
tunneling or another similar mechanism to encrypt traffic between clients and the
MongoDB server.
We suggest always running your MongoDB servers behind a firewall or on a network
accessible only through your application servers. If you do have MongoDB on a ma-
chine accessible to the outside world, however, it is recommended that you start it with
the
--bindip
option, which allows you to specify a local IP address that
mongod
will be
bound to. For instance, to only allow connections from an application server running
on the same machine, you could run
mongod --bindip localhost
.
As documented in the section
“Using the Admin Interface” on page 115
, by default
MongoDB starts up a very simple HTTP server that allows you to see information
about current operations, locking, and replication from your browser. If you don't want
this information exposed, you can turn off the admin interface by using the
--nohttpinterface
option.
Finally, you can entirely disallow server-side JavaScript execution by starting the
database with
--noscripting
.
Backup and Repair
Taking backups is an important administrative task with any data storage system. Of-
ten, doing backups properly can be tricky, and the only thing worse than not taking
backups at all is taking them incorrectly. Luckily, MongoDB has several different op-
tions that make taking backups a painless process.
Data File Backup
MongoDB stores all of its data in a
data directory
. By default, this directory is
/data/
db/
(or
C:\data\db\
on Windows). The directory to use as the data directory is config-
urable through the
--dbpath
option when starting MongoDB. Regardless of where the
data directory is, its contents form a complete representation of the data stored in
MongoDB. This suggests that making a backup of MongoDB is as simple as creating a
copy of all of the files in the data directory.
It is not safe to create a copy of the data directory while MongoDB is
running unless the server has done a full
fsync
and is not allowing writes.
Such a backup will likely turn out to be corrupt and need repairing (see
the section
“Repair” on page 124
).
