I using aws linux freetier
When I entered my site today, mongodb all collection was drop… OTL
(I checked the global log and confirmed that the Chinese ip dropped…)
When I installed mongodb, my /etc/mongod.conf setting
# network interfaces
net:
port: change my port num
#bindIp: 127.0.0.1
security:
authorization: enabled
next i was aws security group open and write my port num and anywhere setting
Is this a problem? What should I add more?
Please teach me
Best Answer
Here is a few things to read up upon: https://docs.mongodb.com/manual/administration/security-checklist/
In your mongo.conf its good to disable the REST API and http interface.
Use a non default Mongo port e.g not 27017 and use AWS security groups to only allow that port to a given IP not to the world.