MongoDB和Mongoid投入生产 [英] MongoDB and Mongoid in production

问题描述

我正在使用MongoDB和Mongoid作为驱动程序来部署我的第一个小应用程序.

I am deploying my first little app with MongoDB and Mongoid as a driver.

在生产环境中使用MongoDB的正确安全方法是什么?

What is the right secure way to use MongoDB in production?

我的意思是在开发中我刚刚开始mongod，就是这样-不需要用户名或密码，而且看起来不安全.

I mean in the development I have just started mongod and that's it - no username or password needed and that looks unsecure.

Mongoid也设置默认配置

Also Mongoid sets default configurations

production:
  host: <%= ENV['MONGOID_HOST'] %>
  port: <%= ENV['MONGOID_PORT'] %>
  username: <%= ENV['MONGOID_USERNAME'] %>
  password: <%= ENV['MONGOID_PASSWORD'] %>
  database: <%= ENV['MONGOID_DATABASE'] %>

我应该如何在生产服务器上配置此选项和整个MongoDB?

How should I configure this options and entire MongoDB on my production server?

推荐答案

要创建生产环境，您需要使用用户名和密码进行连接:

To create a production environment where you need to use a username and password to connect:

在mongo控制台中:

In the mongo console:

// Add an Admin User (to the admin db)
use admin
db.addUser("theadmin", "anadminpassword")

// Use your database
use supercool

// Add a user (to your database)
db.addUser("joe", "passwordForJoe")

// show all users:
db.system.users.find()

// add readonly user (kinda cool)
db.addUser("readonly", "passwordForJoe", true)

现在，与mongodb的所有连接都将需要身份验证- http://www.mongodb.org /display/DOCS/Security + and + Authentication

Now, all connections to your mongodb will require authentication -- http://www.mongodb.org/display/DOCS/Security+and+Authentication

也:您可以考虑使用Linux防火墙，仅允许来自Web服务器的27017.

Also: you can consider using your linux firewall to only allow 27017 from your web server(s).

这篇关于MongoDB和Mongoid投入生产的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！