MongoDB: Server has startup warnings [duplicate]

Question

I firstly installed MongoDB 3.2.5 today. But when I start it and use MongoDB shell, it gave me these warnings below:

C:\Windows\system32>mongo
MongoDB shell version: 3.2.5
connecting to: test
Server has startup warnings:
2016-04-16T11:06:17.943+0800 I CONTROL  [initandlisten]
2016-04-16T11:06:17.943+0800 I CONTROL  [initandlisten] ** WARNING: Insecure configuration, access control is not enabled and no --bind_ip has been specified.
2016-04-16T11:06:17.943+0800 I CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted,
2016-04-16T11:06:17.943+0800 I CONTROL  [initandlisten] **          and the server listens on all available network interfaces.
2016-04-16T11:06:17.943+0800 I CONTROL  [initandlisten]
>

my OS is Microsoft Windows [version 10.0.10586].

Answer 1

You haven't configure the security features in Mongodb like authorization and authentication. Use this link for more details. You can ignore this if you are going to learn Mongodb. But when the product is going to production level. you should concern them. You can enable access control by using mongod --auth.

For example you can run mongod --auth --port 27017 --dbpath /data/db1. After that you can secure your database with username and password.

you can add user in database using following command.

use admin
db.auth("myUserAdmin", "abc123" )

After that you can use mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin" to connect to the database.

You can add bind_ip in mongod.conf as follows,

`bind_ip = 127.0.0.1,192.168.161.100` 

You can define many if you need. This bind_ip option tells MongoDB to accept connections from which local network interfaces, not which “remote IP address”. And run mongod --config <file path to your mongod.conf> Altogether you can run mongod --auth --port 27017 --dbpath /data/db1 --config <file path to your mongod.conf>

Answer 2

Run mongod --auth to enable access control. Detailed information can be found here.

Answer 3

• Select the target DB (Exp : use admin)
• Create user in the selected DB

Select the required DB (exp use admin)

db.createUser(
   {
     user: "root",
     pwd: "root",
     roles: [ "readWrite", "dbAdmin" ]
   }
)

The above command will create the root user with roles readWrite and dbAdmin in the admin DB. more info about roles

Now, run the server in authentication mode using mongod --auth

Run client and provide username and password to login using db.auth("root","root")