by moozeek 4141 days ago
# 1st: accept connections from localhost

iptables -A INPUT -p tcp -s 127.0.0.1 --dport 27017 -j ACCEPT

iptables -A INPUT -p tcp -s 127.0.0.1 --dport 28017 -j ACCEPT

# 2nd: drop from all others

iptables -A INPUT -p tcp --dport 27017 -j DROP

iptables -A INPUT -p tcp --dport 28017 -j DROP

2 comments
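
An added check, not part of the original post, for the rule order the post relies on: it reads `iptables -S INPUT` output and confirms that, for each port, the ACCEPT from 127.0.0.1 comes before the catch-all DROP. The function name `check_mongo_rules` and both sample rule sets are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit `iptables -S INPUT` output (stdin) for the post's order:
# ACCEPT from 127.0.0.1 must precede the catch-all DROP on each port.
# Only rules with an explicit --dport are examined; chain policy is ignored.
check_mongo_rules() {   # hypothetical helper name
    awk -v ports="${1:-27017 28017}" '
    BEGIN { n = split(ports, want, " "); for (i = 1; i <= n; i++) w[want[i]] = 1 }
    $1 == "-A" && $2 == "INPUT" {
        src = ""; port = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-s")      src = $(i + 1)
            if ($i == "--dport") port = $(i + 1)
            if ($i == "-j")      target = $(i + 1)
        }
        if (!(port in w) || (port in blocked)) next   # first match wins
        local = (src == "127.0.0.1" || src == "127.0.0.1/32")
        if (target == "ACCEPT" && local)  ok[port] = 1
        if (target == "ACCEPT" && !local) exposed[port] = (src == "" ? "any" : src)
        if ((target == "DROP" || target == "REJECT") && src == "") blocked[port] = 1
    }
    END {
        for (i = 1; i <= n; i++) {
            p = want[i]
            if (!(p in blocked))   { print p ": no catch-all DROP"; bad = 1 }
            else if (p in exposed) { print p ": ACCEPT from " exposed[p] " before DROP"; bad = 1 }
            else if (!(p in ok))   { print p ": localhost is dropped too"; bad = 1 }
            else                     print p ": ok"
        }
        exit (bad ? 1 : 0)
    }'
}

# Constructed sample in `iptables -S INPUT` format, in the order the post gives.
GOOD_RULES='-P INPUT ACCEPT
-A INPUT -s 127.0.0.1/32 -p tcp -m tcp --dport 27017 -j ACCEPT
-A INPUT -s 127.0.0.1/32 -p tcp -m tcp --dport 28017 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 27017 -j DROP
-A INPUT -p tcp -m tcp --dport 28017 -j DROP'
# Constructed sample with the 27017 DROP appended first, so it shadows the ACCEPT.
BAD_RULES='-A INPUT -p tcp -m tcp --dport 27017 -j DROP
-A INPUT -s 127.0.0.1/32 -p tcp -m tcp --dport 27017 -j ACCEPT
-A INPUT -s 127.0.0.1/32 -p tcp -m tcp --dport 28017 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 28017 -j DROP'

printf '%s\n' "$GOOD_RULES" | check_mongo_rules
printf '%s\n' "$BAD_RULES" | check_mongo_rules || echo "rule order needs fixing"
```

On a live host, run as root: `iptables -S INPUT | check_mongo_rules`.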

FYI, the Security section of the MongoDB manual has a checklist (http://docs.mongodb.org/manual/administration/security-check...) and example firewall configurations for iptables on Linux and netsh on Windows: http://docs.mongodb.org/manual/administration/security-netwo....
# 3rd: change bind_ip from 127.0.0.1 to whatever in mongod.conf