Security best practices for MongoDB
- MongoDB doesn’t have access control enabled by default. You must enable it. Also, configure RBAC (role-based access control).
- Configure Transport Layer Security to encrypt all traffic to and from the database.
- Use at rest encryption to protect the contents of the DB in the event that someone is able to copy the database files (in a backup, for instance) or the server image.
- Restrict network exposure to tighten the security of the network topology that hosts the MongoDB database.
- Use official MongoDB package repositories. Ensure that the packages are official MongoDB packages and pass the authenticity checks.
Full post here, 7 mins read