Yandex

MongoDB - Getting StartedMongoDB - Getting Started1

  1. 1MongoDB Course Index

Module 1: Introduction and SetupModule 1: Introduction and Setup6

  1. 1What is MongoDB? (NoSQL vs SQL)
  2. 2MongoDB Use-cases and Features Overview
  3. 3Installing MongoDB on Windows
  4. 4Installing MongoDB on Linux
  5. 5Installing MongoDB on Mac
  6. 6Introduction to MongoDB Atlas (Cloud)

Module 2: MongoDB BasicsModule 2: MongoDB Basics6

  1. 1Understanding Databases, Collections, and Documents in MongoDB
  2. 2JSON vs BSON in MongoDB
  3. 3MongoDB Data Types
  4. 4Creating a Database and Collection in MongoDB
  5. 5Using MongoDB Compass
  6. 6Using MongoDB Shell

Module 3: CRUD OperationsModule 3: CRUD Operations6

  1. 1Insert Operations in MongoDB
  2. 2Read Operations in MongoDB
  3. 3Query Filtering with Operators
  4. 4Update Operations in MongoDB
  5. 5Delete Operations in MongoDB
  6. 6Using Projection and Sorting in Queries

Module 4: Advanced QueryingModule 4: Advanced Querying4

  1. 1MongoDB Query Operators Overview
  2. 2Working with Arrays and Embedded Documents in MongoDB
  3. 3Querying Nested Fields in MongoDB
  4. 4Pagination using limit(), skip(), and sort() in MongoDB

Module 5: Indexing and PerformanceModule 5: Indexing and Performance4

  1. 1What are Indexes and Why Use Them
  2. 2Creating Single Field and Compound Indexes in MongoDB
  3. 3Multikey Indexes for Arrays
  4. 4Using explain() for Query Optimization in MongoDB

Module 6: Aggregation FrameworkModule 6: Aggregation Framework5

  1. 1Introduction to Aggregation
  2. 2Using $match, $group, $project, $sort in MongoDB Aggregation
  3. 3Aggregation Pipeline Stages Explained
  4. 4Common Use Cases: Grouping, Counting, Summing
  5. 5MapReduce vs Aggregation Framework in MongoDB

Module 7: Schema Design & ValidationModule 7: Schema Design & Validation4

  1. 1Schema Design Patterns: Embedding vs Referencing
  2. 2One-to-One, One-to-Many, Many-to-Many Relationships in MongoDB
  3. 3MongoDB Schema Validation with JSON Schema
  4. 4Defining Custom Validation Rules in MongoDB

Module 8: Working with MongoDB in CodeModule 8: Working with MongoDB in Code2

  1. 1MongoDB with Python using PyMongo
  2. 2MongoDB with Node.js using Mongoose

Module 9: MongoDB Atlas (Cloud)Module 9: MongoDB Atlas (Cloud)3

  1. 1Setting Up a Free MongoDB Atlas Cluster
  2. 2Creating and Managing Databases in Atlas
  3. 3Connecting MongoDB Atlas to Local Applications

Module 10: Backup, Restore and SecurityModule 10: Backup, Restore and Security5

  1. 1Backing Up MongoDB using mongodump
  2. 2Restoring Data using mongorestore
  3. 3Creating Users and Assigning Roles in MongoDB
  4. 4Role-Based Access Control and Authentication
  5. 5Basic MongoDB Security Best Practices

Module 11: Real-World ProjectsModule 11: Real-World Projects3

  1. 1Project 1: Task Tracker with Node.js + MongoDB
  2. 2Project 2: Blog App with Express + Mongoose
  3. 3Project 3: Inventory System (Console-based App)

ProgramGuru

Basic MongoDB Security Best Practices

Basic MongoDB Security Best Practices

MongoDB is powerful, but with great power comes great responsibility. Out-of-the-box, MongoDB has minimal security enabled, especially in development environments. This tutorial covers essential practices to help you secure your MongoDB databases effectively.

Enable Authentication

By default, MongoDB does not enforce authentication, meaning anyone can access the database. This is risky, especially in production.

To enable authentication, modify the MongoDB configuration file mongod.conf:

    sudo nano /etc/mongod.conf

Locate or add the following lines:


    security:
      authorization: enabled

Restart MongoDB to apply the change:

    sudo systemctl restart mongod

Create an Admin User

After enabling authentication, you need to create a user with administrative privileges to manage the database:


    use admin

    db.createUser({
      user: "adminUser",
      pwd: "StrongPassword123",
      roles: [{ role: "userAdminAnyDatabase", db: "admin" }]
    });
    Successfully added user: {
      "user": "adminUser",
      "roles": [ { "role": "userAdminAnyDatabase", "db": "admin" } ]
    }

Q: What happens if you restart MongoDB after enabling auth but don’t create a user first?

A: You’ll lock yourself out! Always create the admin user before enabling authentication in production.

Use Role-Based Access Control (RBAC)

Never give all users admin privileges. MongoDB supports built-in roles like:

  • read – read-only access
  • readWrite – read and write
  • dbAdmin – database-level admin
  • userAdmin – user management

Create a user for a specific database:


    use myapp

    db.createUser({
      user: "appUser",
      pwd: "AppPassword456",
      roles: [{ role: "readWrite", db: "myapp" }]
    });
    Successfully added user: {
      "user": "appUser",
      "roles": [ { "role": "readWrite", "db": "myapp" } ]
    }

Q: Why is it dangerous to use one admin user for both development and production?

A: It violates the principle of least privilege. If compromised, the attacker gets full access to everything.

Bind to Localhost or Specific IP

By default, MongoDB may bind to all IP addresses, making it open to external access. You can limit access using the bindIp setting.


    net:
      bindIp: 127.0.0.1

Or allow a specific IP (e.g., your app server):


    net:
      bindIp: 127.0.0.1,192.168.1.100

Restart MongoDB to apply:

    sudo systemctl restart mongod

Q: If MongoDB listens on 0.0.0.0, who can connect?

A: Anyone on the internet — a huge security risk unless behind a secure firewall.

Enable Firewall Rules

Use a firewall (like ufw) to allow only your application or admin machine to connect:

    sudo ufw allow from 192.168.1.100 to any port 27017
    sudo ufw enable

This ensures no one else can connect to MongoDB except your trusted IP address.

Use TLS/SSL for Encrypted Connections

To encrypt communication between your app and MongoDB, use TLS/SSL certificates. This prevents packet sniffers from stealing credentials and sensitive data.

    mongod --tlsMode requireTLS --tlsCertificateKeyFile /etc/ssl/mongo.pem

Q: Do you need SSL for local development?

A: Not always, but it’s mandatory in production and remote setups, especially when using MongoDB Atlas.

Avoid Using the Default Port in Production

MongoDB runs on port 27017 by default. Change it to something else in production environments to reduce the risk of automated attacks:


    net:
      port: 27333

Restart the service to reflect the new port.

Keep MongoDB Updated

Always use the latest stable version of MongoDB. Each version includes security patches and performance improvements. Use your system’s package manager to upgrade:

    sudo apt update
    sudo apt upgrade mongodb-org

Audit Logs (Optional but Recommended)

You can enable MongoDB audit logging to track all access and changes. This is especially useful in enterprise environments or for compliance needs.

Summary

  • Enable authentication and create users with appropriate roles
  • Restrict network access to trusted IPs
  • Use firewalls and secure communication (TLS)
  • Avoid running on default port in production
  • Keep MongoDB up to date

These practices help ensure your MongoDB deployments are safe, secure, and production-ready.

Module 10: Backup, Restore and Security

  1. 1Backing Up MongoDB using mongodump
  2. 2Restoring Data using mongorestore
  3. 3Creating Users and Assigning Roles in MongoDB
  4. 4Role-Based Access Control and Authentication
  5. 5Basic MongoDB Security Best Practices

Welcome to ProgramGuru

Sign up to start your journey with us

Support ProgramGuru.org

You can support this website with a contribution of your choice.

When making a contribution, mention your name, and programguru.org in the message. Your name shall be displayed in the sponsors list.

PayPal

UPI

PhonePe QR

MALLIKARJUNA M