In this blog we mainly talk about the access control including limitation of ip, setting listen port and usage of username and password. In the official document, mongodb server start without the argument , so once the connection was created, the remote client could do everything. But in the productive environment it’s advisable to take security into consideration and to enhance the security protection. For the sake of lowing the potential risk, the above measures could be taken to deal with these problems. First, Binding IP address to access MongoDB. Mongodb could put restriction on the ip address thought argument ‘bind_ip’ when being started. For example, now we only limit ip address[192.168.55.165] to access the server.
Secondly, use the certain port
Thirdly, add user and password