mongodb.conf bind_ip = 127.0.0.1 does not work but 0.0.0.0 works

It should be clear for anyone looking up this answer that binding your mongoDB to 0.0.0.0 could be your worst move ever.

Please read up on the following article and make sure that whenever you DO decide to go all public with your (and your customers) data, you consider the following:

  • Do you have additional firewall rules to decide who or what can
    access your service
  • Understand that when using Amazon EC2, if you allow 'internal' traffic it should be considered the same as putting it wide open, you are not alone at Amazon
  • Are your services password protected ? And what kind of authentication ? Is the data submitted in clear text or using
    encryption
  • Are you using the default database names, or have you copy pasted an example?

Before binding your server to 0.0.0.0, please be clear about the security implications of those changes: Your server will be publicly exposed to all IPs on the whole internet. Be sure to enable authentication on your server!

You can't access your machine when you bind it to 127.0.0.1 on EC2. That's not a bug, it's reasoned by the network interface bindings.

127.0.0.1 will only bind to the loopback interface (so you will only be able to access it locally), while 0.0.0.0 will bind it to all network interfaces that are available.

That's why you can access your mongodb on EC2 when you bind it to 0.0.0.0(as it's available through the internet now) and not via 127.0.0.1.

For local servers (like a WAMP or a local mongodb server) that won't look different to you, but for that case you should also thing that binding to 0.0.0.0 for local servers might make them available over all network interfaces (so it might be public for someone who knows your IP, if there is no firewall!)

Read on a similar question on Server Fault here.


Everywhere it's written that you have to bind them like this

bindIp : 127.0.0.1,192.168.0.50

but it doesn't work.

how it works, in the version 3.2.0 is

bindIp : [127.0.0.1,192.168.0.50]

so try to add your ips inside the [ ]

example :

# network interfaces
net:
      port: 27017
      bindIp : [127.0.0.1,0.0.0.0]  (read what is written below in BOLD!)

However 0.0.0.0 opens up the stuff. While this is ok for TESTING, for production you should know the security implications of this setting!

Tags:

Amazon Ec2

Mongodb

Recent Posts