Cannot access MongoDB from the Internet

I am using MongoDB database, which is installed with the IP address 126.22.252.25. The Ubuntu version info is 12.04.3 LTS.

My MongoDB uses the default 27017 port. On this local machine I can use command mongo --host 126.22.252.25 on the local machine to access, but I cannot use this command on any other Linux machine to access MongoDB, nor can I use telnet 126.22.252.25 27017 on my Windows machine.

I am sure 126.22.252.25 machine is accessible from Internet because I can use winSCP and secureCRT to login to it. If I run command netstat -tnlp , it shows:

tcp        0      0 0.0.0.0:27017           0.0.0.0:*               LISTEN

I have already changed the /ect/mongodb.conf file, modifying bind_ip parameter from 0.0.0.0 to 126.22.252.25.

What else can I do?

VicoWu110

Posted 2013-11-07T03:38:14.810

Reputation: 21

Late to comment on this question, but is that 126.22.252.25 address—or should I say, “was” that address—really the IP address of the MongoDB server? Because you generally never want a database server open to the world even if the credentials limit access. There should always be firewall rules in place that would limit access to the machine to a specific IP address. Opening up a MongoDB or MySQL instance to the world is asking for trouble. Either the server might be hacked or at least slowed down by DDoS attempts connected to hacking. – JakeGould – 2015-10-27T05:31:31.547

Answers

-1

Being on the bind address for 0.0.0.0 means that the service is listening on all available interfaces for the machine. In that case it is not required to explicitly change the bind_ip (which btw, is the option that you could do this from) in order to match an address that would be accessible.

What is more likely your problem here is that there are external firewall rules in play from your hosting provider, or otherwise configured on your network. These would be explicityly blocking, or rather only allowing explicitly allowed traffic to communicate with the outside world of the internet. Or in another case, you might even just have that port blocked from where you are trying to access your server from.

Port blocking is common, and most admins leave things open to only a subset of typical ports, http etc etc. But having one service available does not automatically mean you get another for free.

So you would likely need to check that the server and client access ports are available at both ends, in order for you to talk to MongoDB.

That said, you probably should not do this, as exposing your database to the world is a very bad idea. If you absolutely need tools to connect from remote locations, then better to tunnel over something like ssh that is going to be more commonly supported in allowed protocols, and is considerably more secure.

Neil Lunn

Posted 2013-11-07T03:38:14.810

Reputation: 99

-1

Try this one

The first is to use a non-standard port. This is more of an obfuscation technique and simply means that default connection adapters will not work.

In your MongoDB configuration file, change the following line to something other than 27017

port = 27017

Secondly, you'll want to bind Mongo directly to your application server's IP address. Setting this to 127.0.0.1 will ensure that Mongo only accepts connections locally.

In your MongoDB configuration file, change the following line to your application server's IP address

 bind_ip = 127.0.0.1

Lastly, consider using MongoDB's authentication feature and set a username and password. To set this up, connect to the MongoDB shell as an admin with the mongo command and add a user. Once that's done, make sure you're adding the newly added username/password in your MongoDB connection strings.

Alok Deshwal

Posted 2013-11-07T03:38:14.810

Reputation: 109