This version of the documentation is archived and no longer supported.

Security Hardening

To reduce the risk exposure of the entire MongoDB system, ensure that only trusted hosts have access to MongoDB.

MongoDB Configuration Hardening

Changed in version 3.6: MongoDB 3.6 removes the deprecated HTTP interface and REST API to MongoDB.

For more information, see MongoDB Configuration Hardening.

Network Hardening

To restrict exposure to MongoDB, configure firewalls to control access to MongoDB systems. Use of VPNs can also provide a secure tunnel.

For more information, see Hardening Network Infrastructure.