MongoDB for Developers with Python Transcripts
Chapter: Deploying MongoDB in production (and playing it safe)
Lecture: Limit you network exposure
Login or
purchase this course
to watch this video and the rest of the course contents.
0:01
One of the most important things we can do to make our MongoDB server safe
0:04
even if we screw up the configuration, the authentication, the encryption, all those things is to make sure nobody can talk to it.
0:12
So we're going to do two simple things right away to lock down our server. Obviously our web app, or whatever app, our service
0:21
whatever we're building that uses MongoDB should be able to talk to it, and it's this probably within a data center
0:27
we could possibly get to it from our local machines, but well do things like ssl tunnels and so on to do that,
0:32
so we won't open up any extra ports for this. However, there's always something out there lurking,
0:38
I showed you that super scary warning at the beginning and they're out there looking, they are saying
0:44
hey I would love to talk to the server on port 27017 the default port or maybe 1.8 or 1.9, or 20, depending on the service you're running.
0:51
So we want to block those guys, we want to block them with the firewall and a couple of other things. That's what we're going to do next.
0:59
We're going to do this like I said, in Linux itself, in Ubuntu itself, we could the cloud computing stuff like Digital Ocean just announced
1:07
this cloud firewall thing that is really probably easier and if you're using Digital Ocean have a look at that,
1:13
but we'll do it here and it works just fine.