My MongoDB is now held for ransom with a message of "Your DB is Backed up at our servers, to restore send 0.1 BTC to the Bitcoin Address then send an email with your server ip". After reading many articles, I am still unsure what a publicly accessible database means. Currently I access my database by SSHing into my droplet with a username and password and connecting via port 27017. How can a hacker access my DB? Please advise me on what to do to prevent this from happening in the future! Thank you
To prevent this type of hacking you need to make your database secure.
Add the security.authorization setting to the config file:
security:
  authorization: enabled
Before enabling it, make sure you have created a root user with credentials to log in.
Example:
// Run these in the mongo shell, not the system shell
use admin
db.createUser(
  {
    user: "superAdmin",
    pwd: "mySecurePassword",
    roles: [ { role: "root", db: "admin" } ]
  }
)
Also, you may need to create separate app users for each database with limited access. For more info, I have written a blog post here: MongoDB enable authentication.
For more info, refer to MongoDB security best practices and MongoDB security checklist.