This version of the documentation is archived and no longer supported.


This section outlines basic security and risk management strategies and access control. The included tutorials outline specific tasks for configuring firewalls, authentication, and system privileges.

You can download this section in PDF form as MongoDB Security.

Security Introduction
A high-level introduction to security and MongoDB deployments.
Security Concepts

The core documentation of security.

Access Control
Control access to MongoDB instances using authentication and authorization.
Network Exposure and Security
Discusses potential security risks related to the network and strategies for decreasing possible network-based attack vectors for MongoDB.
Security and MongoDB API Interfaces
Discusses potential risks related to MongoDB’s JavaScript, HTTP and REST interfaces, including strategies to control those risks.
Sharded Cluster Security
MongoDB controls access to sharded clusters with key files.
Security Tutorials

Tutorials for enabling and configuring security features for MongoDB.

Create a Vulnerability Report
Report a vulnerability in MongoDB.
Network Security Tutorials
Ensure that the underlying network configuration supports a secure operating environment for MongoDB deployments, and appropriately limits access to MongoDB deployments.
Access Control Tutorials
MongoDB’s access control system provides role-based access control for limiting access to MongoDB deployments. These tutorials describe procedures relevant for the operation and maintenance of this access control system.
Security Reference
Reference for security related functions.