Security for MongoDB
I would like to know if there is any extra security implementations that I need to be aware when adding a new MongoDB into my project.
I have private network enabled, but I've watched the TCP protocol, and I am a bit confused. As far as I understood from the docs, with the TCP protocol, the DB can be accesible from the internet. So, is that secure? do I have to limit any IPs to access to the DB or something like that?
Solution:Jump to solution
there is a secure password generated when you deploy the database, but if you don't want your database to be accessible publicly at all, just remove the tcp proxy
8 Replies
Project ID:
307f6b0c-11d4-4cf4-8272-11d43ace5a4c307f6b0c-11d4-4cf4-8272-11d43ace5a4c
Solution
there is a secure password generated when you deploy the database, but if you don't want your database to be accessible publicly at all, just remove the tcp proxy
For example, if I have a different project on Railway, and access restricted only from private network. Can I access to the DB from that project ? Or only from the one where I've created the DB?
you would only be able to access the database over the private network from within the same project in the same environment, if you need to access the database from other projects you would need to use the tcp proxy
The problem now, is that I cannot see the data from my own Database in Railway either. So, is there any way to keep it public and safe? Or, if having public access is safe, how would it be protected from brute force attacks?
personally I'd turn the tcp proxy on only when I need to access it externally, since it's not like cloudflare offers ddos protection for databases