Is allowing mongodb connection from anywhere safe if the database is password protected?

Posted May 9, 2020 429 views

I want to set my firewall settings on my MongoDB droplet to allow connections to port 27017 from anywhere.
Would this be a security threat if the DB itself is password protected with a long, secure password?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

Hi there,

I would not really recommend it, as if the service is open to the world, attackers could use a brute-force attack and crack your password and get to the data. For production databases, I would always strongly recommend using a firewall.

Hope that this helps!