How To Install and Secure MongoDB on Ubuntu

MongoDB is open-source, free and NoSQL database system used for fast and high performance. MongoDB stores data into Json format.

MongoDB provides fast and high performance, so it is used in website which requires high performance.

In this article, we will check how to install manage its service and setup basic authentication on Ubuntu 18.04. For that, you should be logged in as a sudo non-root user.

There are many ways you can install and use its services. We will install via Command Line. This is the easiest way to install MongoDB in Ubuntu operating system. Ubuntu includes MongoDB repository by default. You don't need to add PPA manually. Open Terminal and run bellow command one by one to install MongoDB database system.

Install MongoDB

First update your system package repository with bellow command.

sudo apt-get update

And then install MongoDB with bellow command

sudo apt-get install mongodb

That's it. MongoDB is now installed in your system.

Manage MongoDB server

There are also many useful commands by which you can manage MongoDB services.

To verify the service status, run the bellow command.

sudo systemctl status mongodb

You can stop server by running the following command.

sudo systemctl stop mongodb

To start server, run the command.

sudo systemctl start mongodb

Or you can restart the MongoDB server.

sudo systemctl restart mongodb

Adding the Firewall

If you want to use MongoDB server from the internet, you have to allow the incoming connections in ufw. The default port of MongoDB is 27017. To allow it from anywhere over internet, run the bellow command.

sudo ufw allow 27017

But if you only want to give access to specific IP address location, use the bellow command.

First allow remote access and enable ufw.

sudo ufw allow ssh
sudo ufw enable

Then add your server IP.

sudo ufw allow from your_server_IP/32 to any port 27017

You can verify firewall settings with ufw:

sudo ufw status

By default, 27017 port only listens local IP address 127.0.0.1. To allow remote IP, you need to add server IP in the /etc/mongodb.conf configuration file.

sudo nano /etc/mongodb.conf

And add your server IP in the bind_ip value

Save the file and restart the MongoDB server.

Create root admin user

First access MongoDB shell with bellow command

mongo

You can see all database with the query:

show dbs

Now you need to switch to admin database

use admin

Then create root user with the command:

db.createUser({user:"admin", pwd:"123456", roles:[{role:"root", db:"admin"}]})

Now exit from the MongoDB shell

exit

Now you need to enable --auth in the /lib/systemd/system/mongod.service configuuration file.

sudo nano /lib/systemd/system/mongodb.service

In the [Service] option find the bellow line 

ExecStart=/usr/bin/mongod --unixSocketPrefix=${SOCKETPATH} --config ${CONF} $DAEMON_OPTS

Add --auth in the line. Now it will looks like this.

ExecStart=/usr/bin/mongod --auth --unixSocketPrefix=${SOCKETPATH} --config ${CONF} $DAEMON_OPTS

After that reload the daemon units and MongoDB server

sudo systemctl daemon-reload
sudo systemctl restart mongodb

That's it!. Now login with the command

mongo -u admin -p 123456 --authenticationDatabase admin

Conclusion

We have shown how to install and configure MongoDB on your Ubuntu operating system.