Mongodb – How to do with mongodb security installed in aws ec2

awsmongodb

I using aws linux freetier

When I entered my site today, mongodb all collection was drop… OTL

(I checked the global log and confirmed that the Chinese ip dropped…)

When I installed mongodb, my /etc/mongod.conf setting

# network interfaces
net:
  port: change my port num
  #bindIp: 127.0.0.1
security:
    authorization: enabled

next i was aws security group open and write my port num and anywhere setting

Is this a problem? What should I add more?
Please teach me

In your mongo.conf its good to disable the REST API and http interface.

Use a non default Mongo port e.g not 27017 and use AWS security groups to only allow that port to a given IP not to the world.

You can find these programs using the Linux find command as such:

find / -name 'program_name' -print 2> /dev/null

Where 'program_name' is for example, bsondump.

find / -name 'bsondump' -print 2> /dev/null

The 2> /dev/null prevents find from printing all the paths it looks at.

The issue was actually in using the T2 instance, we upgraded to M4 instances and it is running well