
disable anonymous access to MongoDB

I have installed MongoDB on Windows 2012 Server and am running it as a Windows service.

In order to protect it from anonymous log-ins, I followed the steps below to enable authentication and disable anonymous access:

Create the Administrator Credentials and then Enable Authentication

  1. Start the mongod or mongos instance without the auth or keyFile setting.
  2. Create the administrator user as described in Create a User Administrator.
  3. Re-start the mongod or mongos instance with the auth or keyFile setting.

According to documentation, by running this shell command

db.auth(<username>,<password>)

it should turn on authorization, and restarting the instance should disable anonymous access.

I am not sure what the 3rd step means. I stopped the MongoDB service and restarted it, but I can still do an anonymous log-in to the remote MongoDB.

How can I disable anonymous access to MongoDB?

Update

Executing db.serverCmdLineOpts()

/* 0 */
{
    "argv" : [
        "c:\\Program Files\\mongodb\\bin\\mongod.exe",
        "--directoryperdb",
        "--dbpath",
        "c:\\mongodb\\data",
        "--logpath",
        "c:\\mongodb\\log\\mongodb_master.log",
        "--logappend",
        "--rest",
        "--service"
    ],
    "parsed" : {
        "dbpath" : "c:\\mongodb\\data",
        "directoryperdb" : true,
        "logappend" : true,
        "logpath" : "c:\\mongodb\\log\\mongodb_master.log",
        "rest" : true,
        "service" : true
    },
    "ok" : 1
}

This means I don't have an auth key. How can I set the auth key there?

HaBo asked Mar 25 '14 22:03



1 Answer

To fully disable anonymous authentication you need to ensure that you:

1) Add an administrative user to the admin database.

Until the first admin user is created, by default there is a localhost bypass that allows you to log in anonymously and set up that first user.

To check you have at least one user in your admin database, run:

db.getSiblingDB('admin').system.users.find() 

2) Start your MongoDB server with auth enabled (standalone server) or keyFile enabled (replica set).

The keyFile option implies auth, and is used for internal authentication between replica set nodes.

To check the configuration settings for a running MongoDB instance, you can refer to the output of db.serverCmdLineOpts() in a mongo shell.

If the options have been changed from the default they should show up in the parsed section of the output. That is, one of these should return true:

db.serverCmdLineOpts().parsed.auth
db.serverCmdLineOpts().parsed.keyFile
Stennie answered Oct 05 '22 13:10
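
The two checks from the answer combined into one function, as an added example that is not part of the original answer. auditAuth and its result fields are hypothetical names, and the nested security.authorization / security.keyFile layout is included on the assumption that the server reports its options in YAML-style form.

```javascript
// Added example, not from the original post. auditAuth() and its result
// fields are hypothetical names chosen for this sketch.
// cmdLineOpts:    the document returned by db.serverCmdLineOpts()
// adminUserCount: number of documents in admin.system.users
function auditAuth(cmdLineOpts, adminUserCount) {
  const parsed = (cmdLineOpts && cmdLineOpts.parsed) || {};
  const security = parsed.security || {};
  const nonEmpty = (v) => typeof v === "string" && v.length > 0;

  // Flat options: the two checks given in the answer.
  const flat = parsed.auth === true || nonEmpty(parsed.keyFile);
  // Nested layout (assumption: server reports YAML-style option names).
  const nested = security.authorization === "enabled" || nonEmpty(security.keyFile);

  const authEnabled = flat || nested;
  const findings = [];
  if (!authEnabled) {
    findings.push("neither auth nor keyFile is set: anonymous access is allowed");
  }
  if (adminUserCount === 0) {
    findings.push("no user in the admin database: the localhost bypass still applies");
  }
  return {
    authEnabled,
    anonymousAccessDisabled: authEnabled && adminUserCount > 0,
    findings,
  };
}

// The "parsed" section from the question's db.serverCmdLineOpts() output.
const QUESTION_OPTS = { parsed: {
  dbpath: "c:\\mongodb\\data", directoryperdb: true, logappend: true,
  logpath: "c:\\mongodb\\log\\mongodb_master.log", rest: true, service: true,
}, ok: 1 };

// Constructed samples: the same server after a restart with auth enabled,
// in the flat layout and in the nested layout.
const FLAT_AUTH_OPTS = { parsed: Object.assign({}, QUESTION_OPTS.parsed, { auth: true }) };
const NESTED_AUTH_OPTS = { parsed: { security: { authorization: "enabled" } } };
```

In a mongo shell, call it as auditAuth(db.serverCmdLineOpts(), db.getSiblingDB('admin').system.users.count()).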