Advisory: Bind MongoDB to 127.0.0.1 Only
For security, MongoDB needs to bind only to 127.0.0.1 network interface (or localhost) so that only connections from the local webserver are allowed to connect to it.
The default MongoDB behaviour up to version 2.60 appears to be to bind to all available network interfaces.
We recommend all FileCloud administrators take steps to verify and make the changes to ensure you are running a secure configuration.
For FileCloud running on Windows
- Open the c:/xampp/mongodb/bin/mongodb.conf
Ensure that the following line is in the file, add it in if it is not found.
bind_ip=127.0.0.1
- Save the file and restart the MongoDB database.
For FileCloud running on Linux
- Open the /etc/mongodb.conf (Ubuntu)
Ensure that the following line is in the file, add it in if it is not found.
bind_ip=127.0.0.1
- Save the file
- Restart MongoDB
sudo /etc/init.d/mongodb restart