mongodb - How to prevent to anonymous access to Mongo DB?
问题描述
I still don`t can prevent to anonymous access to Mongo DB after do below steps.
1- Create admin user with this command
mongod --port 27017 --logpath D:\Files\Sessions\log\mongo.log --dbpath D:\Files\Sessions\data\db
2- Create mongod.conf file with this config
systemLog:
destination: file
path: "D:/Files/Sessions/log/mongo.log"
storage:
dbPath: "D:/Files/Sessions/data/db"
net:
bindIp: 127.0.0.1, localhost
port: 27017
3- Execute mongod --config "D:\Files\Sessions\mongod.conf"
4- Create admin user with
use admin
db.createUser(
{
user: "myUserAdmin",
pwd: passwordPrompt(), // or cleartext password
roles: [ { role: "userAdminAnyDatabase", db: "admin" }, "readWriteAnyDatabase" ]
}
)
5- Update mongod.conf with add this config to that
security:
authorization: enabled
6- Execute mongod --config "D:\Files\Sessions\mongod.conf"
I also in between steps, many times execute this command
mongod --port 27017 --logpath D:\Files\Sessions\log\mongo.log --dbpath D:\Files\Sessions\data\db --auth
In final, I can create new admin user and authenticate with that but still i can also authenticate as anonymous user without credential!
Just in case => mongo version: 4.2, windows 10
What`s wrong?
解决方案
推荐阅读
- nuxt.js - 使用 NuxtJs 将 Body 设置为 100% 高度
- latex - r-markdown beamer 演示文稿中的标题页重复
- swift - 如何在 iOS 上禁用 IMA UI
- swift - 集合视图单元格 ImageView 不适合 Swift 中的屏幕
- c# - 返回新创建的存储过程 C#
- django - 基于另一个查询结果的 Django 查询
- excel - 有没有办法借助两个股票方差公式中的 for 循环来缩短流程?
- ruby-on-rails - 请解释has_many,通过:来源:Rails Association
- hibernate - 如何在休眠中为自身实体添加@OneToMany 映射
- javascript - Javascript 新手:弹出菜单