MongoDB and Mongoid in a production environment

13

I'm deploying my first small application using MongoDB with Mongoid as the driver.

What is the correct, secure way to use MongoDB in a production environment?

I mean, in development I just start mongod, with no username or password, which doesn't look very secure.

Mongoid also sets up a default configuration.

production:
  host: <%= ENV['MONGOID_HOST'] %>
  port: <%= ENV['MONGOID_PORT'] %>
  username: <%= ENV['MONGOID_USERNAME'] %>
  password: <%= ENV['MONGOID_PASSWORD'] %>
  database: <%= ENV['MONGOID_DATABASE'] %>

How should I configure these options, and MongoDB as a whole, on my production server?

2 Answers

11

To create a production environment that requires a username and password to connect:

In the Mongo console:

// Add an Admin User (to the admin db)
use admin
db.addUser("theadmin", "anadminpassword")

// Use your database
use supercool

// Add a user (to your database)
db.addUser("joe", "passwordForJoe")

// show all users:
db.system.users.find()

// add readonly user (kinda cool)
db.addUser("readonly", "passwordForJoe", true)

Now all connections to your mongodb need to authenticate -- http://www.mongodb.org/display/DOCS/Security+and+Authentication

Also: you could consider using a Linux firewall to only allow port 27017 from your web server(s).


5

MongoDB does not support authentication by default. This is by design; it is expected to be handled by the individual applications. But enabling authentication in MongoDB is not too difficult. I'll describe the steps I took for a typical Rails, Mongoid, Git, Capistrano infrastructure.

  • First add a user to the admin database. Without which none of the below steps work.

    use admin
    db.addUser("heisenberg", "knock-knock")
    
  • Create a user for the db your application will use. In MongoDB, authentication works on a per-db level.

    use breaking_bad
    db.addUser("gus", "fring")
    
  • Better yet, create a user for read-only purposes only, for security and performance benefits.

    use breaking_bad
    db.addUser("walter", "white", true)
    
  • Enable the auth flag so that mongodb respects all your authentication-related hard work. This can be done either through the --auth flag to the mongodb command, or better, by uncommenting this line in /etc/mongodb.conf:

    auth = true #Uncomment me
    
  • Now restart your mongodb process to pick up the new changes.

    service mongodb restart
    
  • Check that you are on the right track by ensuring that your CRUD application now fails! It lost read/write access to your mongodb, after all. Now add the username: and password: attributes to your mongoid.yml under the default group.

    production:
      sessions:
        default:
          database: breaking_bad
          hosts:
            - albuquerque.com:27017
          username: gus
          password: fring
    
  • For bonus points, remove the mongoid.yml file from the git repository, as this file now contains security credentials.

    git rm mongoid.yml
    
  • Add Capistrano tasks that copy the mongoid.yml file from your dev machine to your server and add the appropriate symlinks. Run cap deploy after this.

    namespace :mongoid do
      desc "Copy mongoid config"
      task :copy do
        upload "config/mongoid.yml", "#{shared_path}/mongoid.yml", :via => :scp
      end
    
      desc "Link the mongoid config in the release_path"
      task :symlink do
        run "test -f #{release_path}/config/mongoid.yml || ln -s #{shared_path}/mongoid.yml #{release_path}/config/mongoid.yml"
      end
    end
    
  • Use the bind_ip setting in your /etc/mongodb.conf to tell MongoDB to only accept connections from your webserver.

  • Use iptables to set up firewall rules to further secure your setup, or run it within a VPN.

Further reading: http://docs.mongodb.org/manual/tutorial/control-access-to-mongodb-with-authentication/ http://docs.mongodb.org/manual/administration/security/
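An added audit script (not from the question or from either answer) that checks the two files both answers care about: whether `auth` is actually uncommented and `bind_ip` restricted in the legacy key = value mongodb.conf format shown above, and whether the production session in an ERB-rendered mongoid.yml ends up with a username and password (it handles both the flat layout from the question and the sessions/default layout from the second answer). The config contents and credentials are constructed samples.

```ruby
require 'erb'
require 'yaml'

# Parser for the legacy "key = value" mongodb.conf format. A commented-out
# "#auth = true" is skipped, which is exactly the line the answer says to uncomment.
def parse_mongodb_conf(text)
  text.each_line.with_object({}) do |line, conf|
    clean = line.sub(/#.*/, '').strip
    next if clean.empty?
    key, value = clean.split('=', 2).map(&:strip)
    conf[key] = value if key && value
  end
end

# Findings for the daemon config; an empty array means it follows the advice above.
# A missing bind_ip is treated as "all interfaces", the mongod default of that era.
def audit_mongodb_conf(text)
  conf = parse_mongodb_conf(text)
  findings = []
  findings << 'auth not enabled' unless conf['auth'] == 'true'
  ips = (conf['bind_ip'] || '0.0.0.0').split(',').map(&:strip)
  findings << 'bind_ip listens on all interfaces' if ips.include?('0.0.0.0')
  findings
end

# Findings for mongoid.yml rendered through ERB, so an ENV-based file like the
# question's is checked with the values it would really get at boot.
def audit_mongoid_yml(text, env_name = 'production')
  cfg = YAML.safe_load(ERB.new(text).result)[env_name] || {}
  session = cfg.dig('sessions', 'default') || cfg
  %w[username password].select { |k| session[k].to_s.empty? }.map { |k| "#{k} missing" }
end

# Constructed sample inputs mirroring the snippets above (not real deployments).
WEAK_CONF = "#auth = true\nbind_ip = 0.0.0.0\n"
HARDENED_CONF = "auth = true # Uncomment me\nbind_ip = 127.0.0.1,10.0.0.5\n"
MONGOID_YML = <<~YAML
  production:
    sessions:
      default:
        database: breaking_bad
        hosts:
          - albuquerque.com:27017
        username: <%= ENV['MONGOID_USERNAME'] %>
        password: <%= ENV['MONGOID_PASSWORD'] %>
YAML

if __FILE__ == $0
  ENV['MONGOID_USERNAME'], ENV['MONGOID_PASSWORD'] = 'gus', 'fring' # constructed demo credentials
  p audit_mongodb_conf(WEAK_CONF)     # => ["auth not enabled", "bind_ip listens on all interfaces"]
  p audit_mongodb_conf(HARDENED_CONF) # => []
  p audit_mongoid_yml(MONGOID_YML)    # => []
end
```

Run it against the real /etc/mongodb.conf and config/mongoid.yml on the server after the restart step to confirm the daemon is no longer open and the application config carries the credentials it needs.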
