Mongo DB Security Configuration

Security gives you a feeling that you are in a safe zone. So, while deploying server and use MongoDB as local DB in the server, sometimes we don’t do the security setup and connect the DB without credentials. It’s a bad practice, we should consider the DB security as it played a major role in our server, web and mobiles apps. I don’t go to the deeper as you all know the list of security concerns of the server. While I set up the MongoDB security, I faced some problem to configure it. So, the following simple steps are given below from my experience to set up the configuration as you don’t do the same mistake and waste your valuable developer time.
Step 1: Create User and Set Roles with ReadWrite Access to DB
$ mongo
> show dbs
> use <db_name> // Switch to Particular DB
> db.createUser( { user: “username”, pwd: “password”, roles: [ { role: “superAdmin”, db: <db_name> }, “readWrite”]} ) // Take Reference
Step 2: Configure mongod.conf and Enable Authentication
$ sudo vi /etc/mongod.conf
- Add the following code snippet at the #security
- From #security: to
security:
authorization: enabled

- Save and Exit
Step 3: Restart Mongod
$ sudo service mongod restart
Step 4: Connect the Database with username and password in Mongoose
uri — mongodb://username:password@localhost/db_name
Note: Don’t Jump Any Steps. If you don’t need security, then comment out the security in mongod.conf like
#security:
# authorization: enabled
