I am deploying my first little app with MongoDB and Mongoid as a driver.

Question

0

Editorial Team

Asked: May 25, 20262026-05-25T11:39:17+00:00 2026-05-25T11:39:17+00:00

I am deploying my first little app with MongoDB and Mongoid as a driver.

0

I am deploying my first little app with MongoDB and Mongoid as a driver.

What is the right secure way to use MongoDB in production?

I mean in the development I have just started mongod and that’s it – no username or password needed and that looks unsecure.

Also Mongoid sets default configurations

production:
  host: <%= ENV['MONGOID_HOST'] %>
  port: <%= ENV['MONGOID_PORT'] %>
  username: <%= ENV['MONGOID_USERNAME'] %>
  password: <%= ENV['MONGOID_PASSWORD'] %>
  database: <%= ENV['MONGOID_DATABASE'] %>

How should I configure this options and entire MongoDB on my production server?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-25T11:39:18+00:00

To create a production environment where you need to use a username and password to connect:

In the mongo console:

// Add an Admin User (to the admin db)
use admin
db.addUser("theadmin", "anadminpassword")

// Use your database
use supercool

// Add a user (to your database)
db.addUser("joe", "passwordForJoe")

// show all users:
db.system.users.find()

// add readonly user (kinda cool)
db.addUser("readonly", "passwordForJoe", true)

Now, all connections to your mongodb will require authentication — http://www.mongodb.org/display/DOCS/Security+and+Authentication

Also: you can consider using your linux firewall to only allow 27017 from your web server(s).

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I am deploying my first little app with MongoDB and Mongoid as a driver.

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply