Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
MongoDB Administrator???s Guide

You're reading from   MongoDB Administrator???s Guide Over 100 practical recipes to efficiently maintain and administer your MongoDB solution

Arrow left icon
Product type Paperback
Published in Oct 2017
Publisher Packt
ISBN-13 9781787126480
Length 226 pages
Edition 1st Edition
Tools
Arrow right icon
Author (1):
Arrow left icon
Cyrus Dasadia Cyrus Dasadia
Author Profile Icon Cyrus Dasadia
Cyrus Dasadia
Arrow right icon
View More author details
Toc

Table of Contents (11) Chapters Close

Preface 1. Installation and Configuration FREE CHAPTER 2. Understanding and Managing Indexes 3. Performance Tuning 4. High Availability with Replication 5. High Scalability with Sharding 6. Managing MongoDB Backups 7. Restoring MongoDB from Backups 8. Monitoring MongoDB 9. Authentication and Security in MongoDB 10. Deploying MongoDB in Production

Restricting network access using firewalls


In this recipe, we will take a quick look at how to use Linux IPTables to add firewall rules that can restrict unwanted access to MongoDB processes.

Getting ready

You need standard MongoDB binaries on a Linux operating system. We are going to use Uncomplicated Firewall (UFW) tools, which is a handy wrapper built on top of IPTables. We assume that you have a three-node replica set running on the following hosts:

Hostname

IP

server1.foo.com

10.1.1.1

server2.foo.com

10.1.1.2

server3.foo.com

10.1.1.3

How to do it...

  1. Most Linux distributions come with a kernel that supports net filters, the network filter API on top of which IPTables is built. We will install UFW, a set of tools that help simplify IPTables configuration:
apt-get install ufw
  1. Enable the UFW service:
ufw enable
  1. Add the firewall rules to allow all traffic on port 27017 from known IPs:
ufw allow from 10.1.1.1 to any port 27017
ufw allow from 10.1.1.2 to any port 27017
ufw allow from 10.1.1.3 to any port 27017...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image